Abstract: A security code module is provided that a developer may include in an application. The application, when downloaded onto a mobile communications device, includes the security code module. The security code module then initiates a request to a server to determine the status of the mobile communications device. When the status indicates that the mobile communications device is not in the possession of the registered owner, a security component on the server performs an action in response.

Abstract: For increased security, a source is determined for software to be installed on a computing device. In one approach, an application identifier is received from the computing device for an application to be installed. A source identifier of the application is determined. The application identifier and the source identifier are sent over a network to a server. A first state designation for the first application is received from the server. The first state designation represents a trusted state or an untrusted state. In response to receiving the first state designation, a second state designation is set. The second state designation is sent to the computing device.

Abstract: Embodiments of the present disclosure help protect computing devices by, among other things, identifying events that may pose a risk to a computing device based on data from sensors coupled to the computer device.

Abstract: An action may be performed in response to a determination of a source of side-loaded software. In one case, the handling of an application on a mobile device may be based on whether the source of the application is trusted or untrusted. If a software application being newly-installed on a mobile device of a user is determined to be untrusted, installation or execution is blocked. In one approach, the determination of the source includes: receiving, from the mobile device, a first application identifier and a first source identifier, each for a first application; sending the first application identifier and the first source identifier over a network to an administrator server; receiving, from the administrator server, a first state designation for the first application; setting a second state designation based on the first state designation; and sending the second state designation to the mobile device.

Abstract: A computing device creates verification information and a challenge token and sends the verification information and token to a server. The computing device receives authentication credentials and a command from the server and a command. The authentication credentials were generated using verified authentication information and the token. The computing device verifies the authentication credentials and processes the command if the credentials are valid.

Abstract: Systems and methods for coordinating components can include: determining, by a first application executing on a client device, a need to perform a sharable functional task; identifying a first software component installed on the client device and capable of performing a first variation of the sharable functional task; identifying a second software component installed on the client device and capable of performing a second variation of the sharable functional task, wherein the second variation of the sharable functional task is functionally overlapping with and not identical to the first variation; identifying a set of characteristics of both the first software component and the second software component; selecting the second software component for performing the sharable functional task based on the set of characteristics, where the set of characteristics includes at least a version number; and delegating performance of the sharable functional task to the second software component.

Abstract: Techniques for phishing protection using cloning detection are described herein. The techniques described herein can include a server which hosts a website detecting that a fetcher is a cloning toolkit or an entity known for using a cloning toolkit. The techniques can also include a server which hosts a downloadable application (such as a mobile application) detecting that a fetcher for the application is a cloning toolkit or an entity known for using a cloning toolkit. The detection can be done in several ways, such as by analyzing data logs for patterns associated with cloning toolkits or entities known for using cloning toolkits. The techniques described herein can also include a part of an end user device (such as a part of a mobile device) detecting a clone (such as a clone website or application) that was cloned by a cloning toolkit. Then, upon detection, security actions can be taken.

Abstract: Systems and methods are disclosed for managing personal data on a mobile communications device in which personal data stored at one or more locations on the mobile communications device is identified by a policy management module on the mobile communications device. A policy is then created based on the identified personal data. The policy management module on the mobile communications device monitors at least the personal data stored in the one or more locations on the mobile communications device and detects attempts to access the monitored data.

Abstract: Methods and systems provide for preventing a false report of a compromised connection even though a security component receives an indication a connection is compromised, and the security component, by default, would report a compromised connection. In the method, the security component determines that captive portal authentication is enabled for a computing device. The security component requests a response from a server over a connection, with the response indicating that the connection is compromised. However, because captive portal authentication is enabled, the security component does not report the connection as being compromised.

Abstract: Disclosed herein are techniques for detecting phishing websites. In one embodiment, a method is disclosed comprising receiving, at a server, a request for a webpage from a client device; generating, by the server, and inserting an encoded tracking value (ETV) into the webpage; inserting, by the server, dynamic tracking code (DTC) into the webpage, the inserting of the DTC further comprising obfuscating the DTC; and returning, by the server, the webpage including the ETV and DTC to the client device, the DTC configured to execute upon receipt at the client device and validate the ETV upon executing.

Abstract: Methods and systems are provided for conditionally granting access to service levels based on a determined security state of the device requesting access. A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The security state of the requesting device varies according to severity levels of device security events. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: In a method and system for responding to an unauthorized action on a mobile communications device, a cryptographic key is destroyed. The destruction of the cryptographic key is followed by initiating a boot sequence at the mobile communications device where the device is booted into a kernel that restricts operation of the mobile communications device to communications with a server.

Abstract: Security is enhanced for a user of a mobile communications device by monitoring device usage and modifying an operational context for device usage. By monitoring current activities of the mobile communications device, a current context for operation of the mobile communications device is identified, and the current context indicates that a first activity is scheduled to be performed by a first resource. However, upon determining that the first resource may not be sufficient to perform the first activity, an alternative resource for performing the first activity is identified, and the current context is modified to substitute the alternative resource for the first resource in order to perform the first activity.

Abstract: Software applications to be installed on user devices are monitored. Authenticity of the applications is evaluated using trust factors. In some cases, the trust factors relate to security associated with a network being accessed by a user device. In response to the evaluation, an action is performed such as configuring or disabling execution of one or more components of an application.

Abstract: A method includes: determining an encryption level associated with an application installed on a computing device; determining a context in which the computing device is operating, wherein determining the context comprises identifying a geographic location of the computing device; determining at least one rule associated with the context, wherein determining the at least one rule comprises identifying a security policy corresponding to allowed encryption levels associated with the identified geographic location of the computing device; determining whether the encryption level associated with the application installed on the computing device meets the allowed encryption level associated with the one rule; and in response to determining that the encryption level associated with the application installed on the computing device does not meet the allowed encryption level associated with the one rule, causing at least one action on the computing device to meet the allowed encryption level associated with the one r

Abstract: Embodiments of the present disclosure help protect computing devices by, among other things, identifying events that may pose a risk to a computing device based on data from sensors coupled to the computer device.

Abstract: Systems and methods for enhancing the security of an electronic device by causing the electronic device to go into a mode for lost or stolen devices after a security component receives information regarding an event at the electronic device and determines that the event indicates the electronic device is lost or stolen.

Abstract: A computing device creates verification information and a challenge token and sends the verification information and token to a server. A server receives a command and authentication information and uses the verification information to verify the authentication information. The server creates authentication credentials based on the authentication information and the challenge token. The computing device receives the command and the authentication credentials from the server, determines whether the credentials are valid, and then processes the command if the credentials are valid.

Abstract: A system and method to create a policy for managing personal data on a mobile communications device are disclosed. Personal data stored at one or more locations on the mobile communications device is identified by a policy management module on the mobile communications device. A policy is then created based on the personal data stored at the one or more locations. The policy management module on the mobile communications device monitors at least the personal data stored in the one or more locations on the mobile communications device.