Abstract: Data is collected from a set of devices. The data is associated with the devices, mobile application programs (apps), web applications, users, or combinations of these. A norm is established using the collected data. The norm is compared with data collected from a particular device. If there is a deviation outside of a threshold deviation between the norm and the data collected from the particular device, a response is initiated.

Abstract: A system and method including: determining, by a manager module, a need to determine a primary software component of a client device; identifying a first software component and a second software component of the client device; identifying a set of characteristics of the first software component and the second software component; determining that the first software component is the primary software component based on the set of characteristics of each software component, where determining the primary software component further includes comparing the set of characteristics of each software component and selecting the primary software component based on the set of characteristics with a highest priority; and instructing, by the manager module, the one or more processors to cause functionality associated with the second software component to be at least partially suspended.

Abstract: A system and method to create a policy for managing personal data on a mobile communications device are disclosed. Personal data stored at one or more locations on the mobile communications device is identified by a policy management module on the mobile communications device. A policy is then created based on the personal data stored at the one or more locations. The policy management module on the mobile communications device monitors at least the personal data stored in the one or more locations on the mobile communications device.

Abstract: A source of side-loaded software is determined. An action may be performed in response to the determination of the source. In one case, the handling of an application on a mobile device may be based on whether the source of the application is trusted or untrusted. If a software application being newly-installed on a mobile device of a user is determined to be untrusted, installation or execution is blocked. In one approach, the determination of the source includes: determining whether a first source identifier of a first application matches a white list of source identifiers or a black list of source identifiers; and sending the first source identifier, a first application identifier, and a signature of authorship for the first application to a different computing device.

Abstract: A computing device creates verification information and a challenge token and sends the verification information and token to a server. A server receives a command and authentication information and uses the verification information to verify the authentication information. The server creates authentication credentials based on the authentication information and the challenge token. The computing device receives the command and the authentication credentials from the server, determines whether the credentials are valid, and then processes the command if the credentials are valid.

Abstract: A system and method to create and assign a policy for a mobile communications device are disclosed. The policy may be created based on personal data associated with the mobile communications device. For example, known sources of personal data on the mobile communications device may be identified and a policy may be created based on the known personal data. The policy may then be used to identify additional personal data associated with the mobile communications device. Thus, the personal data associated with the mobile communications device may be monitored. If an application attempts to access the monitored personal data, the access will be detected.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: The security and privacy of a user is enhanced by distinguishing between potentially sensitive information and non-sensitive information being displayed on a display of a computing device. In an embodiment, potentially sensitive information on a display is identified by parsing information to be displayed. A front-facing camera of the user's computing device is used to monitor the user's background and compare any changes to a threshold amount. In response to a detected change in the background, actions are taken to alert the user or reduce the visibility of identified potentially sensitive information shown on the display screen.

Abstract: An action is permitted to be performed on a computing device only after the action has been confirmed by two or more authorized and/or authenticated parties. A security component receives a request from to initiate an action on a computing device. Before the action is allowed to be initiated on the computing device the security component requires the authentication of first and second parties or authorizations from first and second parties, or both the authentications of and authorizations from first and second parties. After receiving the required authorizations and/or successfully performing the required authentications, the security component allows the requested action to be initiated on the computing device.

Abstract: A source of side-loaded software is determined. An action may be performed in response to the determination of the source. In one case, the handling of an application on a mobile device may be based on whether the source of the application is trusted or untrusted. If a software application being newly-installed on a mobile device of a user is determined to be untrusted, installation or execution is blocked. In one approach, the determination of the source includes: determining whether a first source identifier of a first application matches a white list of source identifiers or a black list of source identifiers; and sending the first source identifier and a first application identifier for the first application to a different computing device.

Abstract: A system and method including: determining, by a manager module, a need to determine a primary software component of a client device; identifying a first software component and a second software component of the client device; identifying a set of characteristics of the first software component and the second software component; determining that the first software component is the primary software component based on the set of characteristics of each software component, where determining the primary software component further includes comparing the set of characteristics of each software component and selecting the primary software component based on the set of characteristics with a highest priority; and instructing, by the manager module, the one or more processors to cause functionality associated with the second software component to be at least partially suspended.

Abstract: Embodiments of the present disclosure help protect computing devices by, among other things, identifying events that may pose a risk to a computing device based on data from sensors coupled to the computer device.

Abstract: The method disclosed herein provides for performing device security corrective action based on loss of proximity to another device, such as a key device. While a mobile communication device is locked, a mobile communication device determines whether or not a key device is within a specified distance. If the key device is not within the specified distance from the mobile communication device, a notification may be displayed on the mobile communication device. If a user responds to the notification, the user may prevent or alter the mobile communication device from performing at least one device security corrective action. If, however, the user does not respond to the notification within a specified time period, the at least one device security corrective action is performed on the mobile communication device.

Abstract: A source of side-loaded software is determined. An action may be performed in response to the determination of the source. In one case, the handling of an application on a mobile device may be based on whether the source of the application is trusted or untrusted. If a software application being newly-installed on a mobile device of a user is determined to be untrusted, installation or execution is blocked. In one approach, the determination of the source includes: determining whether a first source identifier of a first application matches a white list of source identifiers or a black list of source identifiers; and sending the first source identifier and a first application identifier for the first application to a different computing device.

Abstract: Security is enhanced for a user of a mobile communications device by monitoring and controlling resource usage. First information associated with each of a plurality of mobile communications devices is collected, including configurations and settings for applications, components, resources and external resources for each mobile communications device. The collected information is used to identify an application, component, resource or external resource that is currently active on two of the mobile communications devices. Second information is transmitted to the first of the two mobile communications devices to reduce or terminate usage of the identified application, component, resource or external resource on the first mobile communications device.

Abstract: The security and convenience of a mobile communication device is enhanced based on a separate key device. If the key device is near the mobile communication device, the mobile communication device may be automatically unlocked without the user having to input an unlock code. The mobile communication device may be automatically unlocked into a first mode having a first level of functionality. If the user inputs a correct unlock code, the mobile communication device may be unlocked into a second mode having a second level of functionality, greater than the first level of functionality.

Abstract: A method for protecting privacy and enhancing security on an electronic device is provided. When sensor information associated with at least one user input action is collected by a sensor in an electronic device hosting a plurality of applications, the method includes intercepting a request to access the sensor information from a requesting application of the plurality of applications, and controlling access to the sensor information associated with the at least one user input action based on the requesting application. By controlling access to the sensor information, leakage of sensitive or secure information to a malicious background application is minimized and privacy and security are enhanced.

Abstract: User activity on a mobile device is monitored and collected, and a resource usage model is constructed. The resource usage model describes a set of contexts in which the mobile device, and is the basis for determining a first exhaustion point for a resource. Based on the monitored activity, a prediction of a second exhaustion point for the resource time is made. If the second exhaustion point is prior to the first exhaustion point, usage of the resource is reduced.

Abstract: Embodiments are directed to a system and method for authenticating a user of a client computer making a request to a server computer providing access to a network resource through an authentication platform that issues a challenge in response to the request requiring authentication of the user identity through a reply from the client computer, determining one or more items of context information related to at least one of the user, the request, and the client computer, and determining a disposition of the request based on the reply and the one or more items of context information. The reply includes a user password and may be provided by an authorizing client device.

Abstract: A graphical user interface for improved text character entry is disclosed. In some embodiments, the graphical user interface may be displayed on a mobile communications device. The graphical user interface may display a message field, a soft keyboard, and at least one visual foveal echo field. The message field may display text characters of a message being authored by a user interacting with the soft keyboard. The visual foveal echo field may be placed adjacent to a soft keyboard row and contain a portion of the message being authored by the user.