System and method for adverse mobile application identification
US-8984628-B2 · Mar 17, 2015 · US
System and methods for protecting users from malicious content
US10791126B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10791126-B2 |
| Application number | US-201916379168-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 9, 2019 |
| Priority date | Jan 21, 2011 |
| Publication date | Sep 29, 2020 |
| Grant date | Sep 29, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method, system and device for allowing the secure collection of sensitive information is provided. The device includes a display, and a user interface capable of receiving at least one user-generated interrupt in response to a stimulus generated in response to content received by the device, wherein the action taken upon receiving the user-generated interrupt depends on a classification of the content, the classification identifying the content as trusted or not trusted. The method includes detecting a request for sensitive information in content, determining if an interrupt is generated, determining if the content is trusted, allowing the collection of the sensitive information if the interrupt is generated and the content is trusted, and performing an alternative action if the interrupt is generated and the content is not trusted. The method may include instructions stored on a computer readable medium.
First claim
Opening claim text (preview).
We claim: 1. A system, comprising: a non-transitory memory; and one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising: determining that a user-authentication screen is provided on a display of a user device of a user; detecting, via one or more sensors of the user device, a generation of an interrupt on the user device; determining whether the user-authentication screen is from a trusted source; and automatically providing, in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is from the trusted source, a user-authentication credential to the user device. 2. The system of claim 1 , wherein: the user device comprises a mobile device; and the one or more sensors comprise one or more buttons, keys, capacitive sensors, or accelerometers. 3. The system of claim 2 , wherein the detecting comprises detecting a pressing of one of the buttons or keys. 4. The system of claim 2 , wherein the detecting comprises detecting that a plurality of the buttons or keys have been pressed according to a predefined combination or a predefined sequence. 5. The system of claim 2 , wherein the detecting comprises detecting, via the one or more capacitive sensors, an engagement of a predefined portion of the user-authentication screen. 6. The system of claim 2 , wherein the detecting comprises detecting, via the one or more accelerometers, that the user device has moved or is moving in a predefined motion. 7. The system of claim 1 , wherein the automatically providing comprises activating a password manager application that has stored a password that has been entered by the user previously, and wherein the activating of the password manager application automatically fills a portion of the user-authentication screen with the password as the user-authentication credential. 8. The system of claim 1 , wherein the determining whether the user-authentication screen is from the trusted source comprises determining whether a content of the user-authentication screen includes a predefined certificate or whether the content of the user-authentication screen is on a predefined whitelist. 9. The system of claim 1 , wherein the operations further comprise: in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is not from the trusted source, automatically scanning the user device for malicious code. 10. The system of claim 9 , wherein the malicious code comprises a computer virus or a keylogger software. 11. The system of claim 1 , wherein the operations further comprise: in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is not from the trusted source, automatically terminating a user-authentication process associated with the user-authentication screen. 12. The system of claim 1 , wherein the operations further comprise: before the detecting, prompting the user to generate the interrupt. 13. A method, comprising: determining that a user-authentication screen is provided to a user device of a user, wherein the user device includes one or more buttons, keys, capacitive sensors, or accelerometers; detecting a generation of an interrupt on the user device via an operation selected from the group consisting of: a pressing of one of the buttons or the keys; pressings of a plurality of the buttons or the keys according to a predefined combination or a predefined sequence; a detection made via the one or more capacitive sensors indicating an engagement of a predefined portion of the user-authentication screen; or a detection made via the one or more accelerometers indicating the user device has moved or is moving in a predefined motion; determining whether the user-authentication screen is from a trusted source; and automatically populating, in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is from the trusted source, a data field of the user-authentication screen with a user-authentication credential. 14. The method of claim 13 , wherein prior to the automatically populating, automatically activating a password manager application that has stored a previously-entered password as the user-authentication credential. 15. The method of claim 13 , wherein the determining whether the user-authentication screen is from the trusted source comprises determining whether a content of the user-authentication screen includes a predefined certificate or whether the content of the user-authentication screen is on a predefined whitelist. 16. The method of claim 13 , further comprising: in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is not from the trusted source, automatically scanning the user device for a computer virus or a keylogger software. 17. The method of claim 13 , further comprising: in response to the detecting of the generation of the interrupt and a determination that the user-authentication screen is not from the trusted source, automatically terminating a user-authentication process associated with the user-authentication screen. 18. The method of claim 13 , further comprising: before the detecting, displaying a prompt on the user-authentication screen with respect to the generation of the interrupt. 19. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising: detecting a generation of an interrupt on a user device via one or more of the following: a pressing of one of buttons or keys; pressings of a plurality of buttons or keys according to a predefined combination or a predefined sequence; a detection made via one or more capacitive sensors indicating an engagement of a predefined portion of a user-authentication screen; or a detection made via one or more accelerometers indicating that the user device has experienced or is experiencing a predefined motion; determining whether the user-authentication screen is from one or more trusted entities; and in response to a detection of the generation of the interrupt, automatically performing one of the following actions based on the determining: automatically entering a user-authentication credential in the user-authentication screen when the user-authentication screen is determined to come from one of the trusted entities; or terminating an authentication process associated with the user-authentication screen when the user-authentication screen is determined to not come from any of the trusted entities. 20. The non-transitory machine-readable medium of claim 19 , wherein the operations further comprise: in response to a detection of the generation of the interrupt, automatically scanning content of the user-authentication screen for malicious code.
Assignees
Inventors
Classifications
- G06F21/56Primary
Computer malware detection or handling, e.g. anti-virus arrangements · CPC title
User authentication · CPC title
using interrupt (G06F13/32 takes precedence) · CPC title
Authenticating web pages, e.g. with suspicious links · CPC title
the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10791126B2 cover?
- A method, system and device for allowing the secure collection of sensitive information is provided. The device includes a display, and a user interface capable of receiving at least one user-generated interrupt in response to a stimulus generated in response to content received by the device, wherein the action taken upon receiving the user-generated interrupt depends on a classification of th…
- Who is the assignee on this patent?
- Paypal Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/56. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 29 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).