Abstract: A method of operation and non-transitory computer readable medium are provided for a mobile communications device which includes memory storing program instructions and a processor coupled to a first input that passively collects input data and a second input that collects response data based on a challenge. A statistical behavioral model is generated based upon passively collected input data for the user. A level of assurance (LOA) is determined based upon the statistical behavioral model and the passively collected input data from the first input. The LOA is compared with a threshold and based on the comparison: the mobile device operation is enabled as a result of determining that the LOA meets or exceeds the threshold without requiring response data from the at least one second input, otherwise, the challenge is generated and the mobile device operation is enabled responsive to valid response data from the second input.

Abstract: Methods and systems for detecting a privacy violation in an image file. A policy to be used by a master imaging application is obtained and a file system is monitored for a digital image modified by a monitored imaging application. It is then determined that the digital image file includes at least some content in violation of a defined setting for the master imaging application and, based on the determination that the digital image file includes at least some content in violation of the defined setting for the master imaging application, taking an action.

Abstract: Methods and systems for removing sensitive information from a digital image. An instruction to share a digital image is received. It is then determined that the digital image contains a depiction of a corporate display medium that is classified as sensitive based on a policy and, based on the determination that the digital image contains the depiction of the corporate display medium that is classified as sensitive based on the policy, the digital image is processed to modify the depiction. The digital image is shared.

Abstract: Methods and devices for determining whether a mobile device has been compromised. File tree structure information for the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in a portion of memory. The file tree structure information is analyzed to determine that the mobile device has been compromised, has not been compromised, or might be compromised. Based on determining that the mobile device might be compromised, the mobile device is instructed to execute a restricted action. If the restricted action occurs on the mobile device then it is determined that the mobile device has been compromised. Based on that determination, an action is taken.

Abstract: Methods and devices for determining whether a computing device has been compromised. File tree structure information for the computing device is obtained that details at least a portion of a tree-based structure of folders and files in a memory on the computing device. It is then determined from the file tree structure information that the computing device is compromised and, based on the determination that the computing device has been compromised, an action is taken.

Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the managed profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the managed portion of memory.

Abstract: Methods and devices for determining whether a mobile device has been compromised. The mobile device has a managed portion of memory and an unmanaged portion of memory, a managed profile and an unmanaged profile, and the managed profile includes files stored in the managed portion of memory and the unmanaged profile includes files stored in the unmanaged portion of memory. The managed profile is governed by a device policy set by a remote administrator. File tree structure information for the unmanaged profile of the mobile device is obtained that details at least a portion of a tree-based structure of folders and files in the unmanaged portion of memory. It is determined from the file tree structure information that the mobile device has been compromised and, based on that determination, an action is taken.

Abstract: An automatic file encryption method and device for automatically encrypting a file. A processor identifies a characteristic associated with likely sensitive content based on a usage pattern of encrypting files having the characteristic. Creation of a new file is detected and the newly-created file is analyzed to determine whether the file contains sensitive content based upon it having the characteristic. If the file is found to have the characteristic, then the file is automatically encrypted.

Abstract: As vehicles collect more data in autonomous or semi-autonomous operation, the collected data such as video, navigation and telemetry data, can containing personally identifiable information (PII). The PII may be governed by specific handling requirements or privacy policies. In order to comply with these requirements and policies a method, system and computer readable memory are provided for determining a location of a vehicle to enable determination of an enforcement policy associated with the location of the vehicle. The enforcement policy defines one or more PII objects that are to be filtered from the vehicle data. The PII objects contained within the vehicle data can then be filtered such that the PII objects are not identifiable. The filtered data can then be stored or transmitted to a remote location.

Abstract: A server-implemented method for automatically registering an asset tag in a database is disclosed. One or more asset tag collision reports are received from at least one mobile device connected to the server, each report including a tag identifier of the asset tag that is wirelessly broadcast by the asset tag. A location of the asset tag is determined based on the one or more received asset tag collision reports. A first asset is selected from a set of unregistered assets that are identified as being deployed in the indoor facility based on determining that there is a match between the location of the asset tag and location information associated with the first asset. The asset tag is then registered in association with the first asset in the database.

Abstract: A method of managing access to protected file content is disclosed. The method includes: receiving a request to open a first file stored on the computing device; determining that the first file is a protected file; in response to determining that the first file is a protected file: identifying a first application that is suitable for opening the first file; determining that the first application is an unsecured application; and in response to determining that the first application is an unsecured application, locking the first application to prevent unauthorized access of application data of the first application in a locked state.

Abstract: A mobile transceiver for asset tracking having a power saving scheme for network access and related method are provided. In one aspect, the method comprises determining a location of the mobile transceiver, determining whether cellular service is likely to be available at the determined location based on a stored signal strength database, and activating the cellular transceiver from a low power mode in response to a determination that cellular service is likely to be available at the determined location.

Abstract: Methods and systems to restrict vehicle operations based on driver identity. Owners or administrators may impose restrictions on certain users of a vehicle. Certain drivers may be classed as restricted users that have associated limitations or restrictions on their use of vehicle features. The vehicle determines the identity of the driver. Based on that identity and/or the class with which the identity is associated, some features may be disabled and some features may be subject to limitation, such as mileage, speed, or location restrictions. Ongoing monitoring of limited features may result in detection of a violation that triggers one or more security actions.

Abstract: A method of operation and non-transitory computer readable medium are provided for a mobile communications device which includes memory storing program instructions and a processor coupled to a first input that passively collects input data and a second input that collects response data based on a challenge. A statistical behavioral model is generated based upon passively collected input data for the user. A level of assurance (LOA) is determined based upon the statistical behavioral model and the passively collected input data from the first input. The LOA is compared with a threshold and based on the comparison: the mobile device operation is enabled as a result of determining that the LOA meets or exceeds the threshold without requiring response data from the at least one second input, otherwise, the challenge is generated and the mobile device operation is enabled responsive to valid response data from the second input.

Abstract: A mobile transceiver for asset tracking having a power saving scheme for network access and related method are provided. In one aspect, the method comprises determining a location of the mobile transceiver, determining whether cellular service is likely to be available at the determined location based on a stored signal strength database, and activating the cellular transceiver from a low power mode in response to a determination that cellular service is likely to be available at the determined location.

Abstract: A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

Abstract: A method of providing information for display, from a portable electronic device, includes displaying information on a display of the portable electronic device, identifying a portion for redacting from the information displayed on the display of the portable electronic device, extracting the portion from the information to provide redacted information and an extracted portion, storing the redacted information, protecting and storing the extracted portion in association with a location identification in a file, and sending the redacted information and sending the file including extracted portions associated with the location identifiers.

Abstract: A mobile transceiver for asset tracking having a power saving scheme for network access and related method are provided. In one aspect, the method comprises determining a location of the mobile transceiver, determining whether cellular service is likely to be available at the determined location based on a stored signal strength database, and activating the cellular transceiver from a low power mode when it is determined cellular service is likely to be available at the determined location.

Abstract: A server-implemented method for automatically registering an asset tag in a database is disclosed. One or more asset tag collision reports are received from at least one mobile device connected to the server, each report including a tag identifier of the asset tag that is wirelessly broadcast by the asset tag. A location of the asset tag is determined based on the one or more received asset tag collision reports. A first asset is selected from a set of unregistered assets that are identified as being deployed in the indoor facility based on determining that there is a match between the location of the asset tag and location information associated with the first asset. The asset tag is then registered in association with the first asset in the database.

Abstract: A server-implemented method for automatically registering an asset tag in a database is disclosed. One or more asset tag collision reports are received from at least one mobile device connected to the server, each report including a tag identifier of the asset tag that is wirelessly broadcast by the asset tag. A location of the asset tag is determined based on the one or more received asset tag collision reports. A first asset is selected from a set of unregistered assets that are identified as being deployed in the indoor facility based on determining that there is a match between the location of the asset tag and location information associated with the first asset. The asset tag is then registered in association with the first asset in the database.