Nothing Special   »   [go: up one dir, main page]

WO2018047203A1 - A system and a method for locking a lost portable communication device - Google Patents

A system and a method for locking a lost portable communication device Download PDF

Info

Publication number
WO2018047203A1
WO2018047203A1 PCT/IN2017/050391 IN2017050391W WO2018047203A1 WO 2018047203 A1 WO2018047203 A1 WO 2018047203A1 IN 2017050391 W IN2017050391 W IN 2017050391W WO 2018047203 A1 WO2018047203 A1 WO 2018047203A1
Authority
WO
WIPO (PCT)
Prior art keywords
portable communication
communication device
locking
lock
otp
Prior art date
Application number
PCT/IN2017/050391
Other languages
French (fr)
Inventor
Rohit Rathi
Original Assignee
Smartron India Private Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Smartron India Private Limited filed Critical Smartron India Private Limited
Publication of WO2018047203A1 publication Critical patent/WO2018047203A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/66Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H04M1/667Preventing unauthorised calls from a telephone set
    • H04M1/67Preventing unauthorised calls from a telephone set by electronic means
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning

Definitions

  • the embodiment herein is generally related to the field of mobile communication devices.
  • the embodiment herein is particularly related to a system and method for preventing misuse of lost portable communication device by an unauthorized user.
  • the embodiment herein is more particularly related to a system and method for sending a message to lock a lost (misplaced or stolen) portable communication device.
  • SIM subscriber identity module
  • IMEI equipment identifier
  • Each mobile communication device carries a unique device-id (device identification) which is known as International Mobile Equipment Identity (IMEI) in Global System for Mobile Communications (GSM).
  • IMEI International Mobile Equipment Identity
  • GSM Global System for Mobile Communications
  • This device-id can be used by a network service provider to trace/track the mobile communication device and to block the mobile communication device, if the mobile communication device is stolen and reused by somebody else.
  • GSM network architecture has a node defined in the network called Equipment Identification Register (EIR), which maintains a list of black listed, white listed and grey listed mobile communication devices.
  • EIR Equipment Identification Register
  • the existing methods involves in blocking the IMEI number by communicating with a network provider.
  • the method is deployed to track the IMEI of the devices under service in a network and further map the IMEI with a database of stolen devices. This method is strenuous and does not provide sufficient protection.
  • the primary object of the embodiment herein is to provide a system and method for data security in a portable communication device by providing options for locking the device.
  • Another object of the embodiment herein is to provide a system and method for enabling a biometric scanner to prevent an unauthorized user from flashing the portable communication device.
  • Yet another object of the embodiment herein is to provide a method and system for initiating a trigger message including locking request and device location, when an attempt is made to replace existing SIM (Subscriber Identity Module), thereby preventing misuse of the device.
  • SIM Subscriber Identity Module
  • Yet another object of the embodiment herein is to provide a method and system for initiating a locking of a stolen or lost portable communication device when a SIM is replaced or biometric authentication fails.
  • Yet another object of the embodiment herein is to provide a method and system for locking a lost portable communication device by sending a short media message (SMS).
  • SMS short media message
  • Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by a message that directly communicates with the IMEI number.
  • Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by sending a short media message with lock command.
  • Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by initiating a trigger message from the lost communication device to a registered mobile number with a location information and a lock request.
  • the various embodiments of the embodiment herein disclose a system and method for immediately locking a lost portable communication device by sending a short media service (SMS).
  • SMS initiates a lock command that directly communicates with the IMEI number of the portable communication device.
  • a method for providing data security in a portable communication device is disclosed.
  • a security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function.
  • a user is enabled to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command.
  • a biometric scanner is activated on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access.
  • a trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM.
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails. Thus, locking of the portable communication device provides data security.
  • the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command.
  • the lock command restricts the functionality of the device.
  • the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification.
  • the step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success.
  • the step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device.
  • the location information is a GPS location of the device provided by the GPS module.
  • the system for providing data security in a portable communication device comprises an IMEI module, a biometric scanner, a security module, and a GSM module.
  • the security module is installed under an operating system of the mobile device operating system.
  • the security module communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function.
  • the security module is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command.
  • the security module is configured to activate a biometric scanner on initiating a flash request on the portable communication device.
  • the biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access.
  • the security module is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM.
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • the security module is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails.
  • a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the system further comprises a IMEI module configured to receive message that directly communicates with the IMEI number of the portable communication device.
  • the lock command restricts the functionality of the device.
  • the system further comprises a biometric scanner configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification.
  • the system includes a Global Positioning system or GPS module for determining location information.
  • a method for locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module) in GSM based devices.
  • SIM Subscriber Identity Module
  • the embodiment herein prevents an unauthorized user from removing the SIM.
  • the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the device.
  • the trigger message is any one of an email, and a SMS.
  • a user blocks the SIM in the device so that an authorized person does not misuse the SIM.
  • a method is provided for locking a lost portable communication device during an attempt to flash CDMA based devices.
  • the embodiment herein provides a data security and prevents an unauthorized user from flashing the portable communication device.
  • the portable communication device verifies any user accessing the device using biometrics authentication.
  • the biometric authentication is selected from a group consisting of a voice analysis, a facial recognition, and a finger print verification.
  • the device initiates a lock command when the user fails to verify the identity using biometric data. The lock command restricts the functionality of the device.
  • the security module provides data security and prevents an unauthorized user from using the portable communication device. Further, the security module enables a user to send a lock message to initiate a locking of the lost mobile device, thereby preventing a misuse of the portable communication device.
  • the server permits access to the owner upon submitting a command to lock the device when the mobile device is lost or stolen, by using the contact details and the password of the owner of the lost mobile device.
  • the serial number and/or telephone number of the mobile device is automatically stored in the server for registering with the lock service so that the device is identified when an instruction for locking the mobile device is received from the registered user of the mobile device.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • a method for locking a lost portable communication device comprises providing a user interface (UI) to the registered user of the mobile device to provide an option to register for a locking service of a remote device. Further, the registered owner of the mobile device enters an emergency contact number and a password during the registering of the device with the device manufacturer. When a loss of the mobile device is reported, the method involves sending a trigger message to the emergency contact number when an unauthorized user accesses the mobile device.
  • the trigger message includes a location information of the device and a confirmation request to lock the device.
  • the location information is a GPS location of the device.
  • the lock command in the trigger message is a remotely initiated instruction sent via a server to the lost mobile device to stop either a partial of fully operational functionalities of the lost mobile device remotely.
  • a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • FIG. 1 is a flowchart explaining a method for providing data security in a portable communication device.
  • FIG. 2 illustrates a flowchart explaining a method for locking a lost portable device through SMS message, according to one embodiment of the embodiment herein.
  • FIG. 3 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to flash
  • FIG. 4 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module), according to one embodiment of the embodiment herein.
  • FIG. 5 is a block diagram of a system for providing data security.
  • the various embodiments of the embodiment herein disclose a system and method for immediately locking a lost portable communication device by sending a short media service (SMS).
  • SMS initiates a lock command that directly communicates with the IMEI number of the portable communication device.
  • a method for providing data security in a portable communication device is disclosed.
  • a security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function.
  • a user is enabled to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command.
  • a biometric scanner is activated on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access.
  • a trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM.
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails.
  • locking of the portable communication device provides data security.
  • the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command.
  • the lock command restricts the functionality of the device.
  • the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification.
  • the step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success.
  • the step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the location information is a GPS location of the device provided by the GPS module.
  • the system for providing data security in a portable communication device comprises an IMEI module, a biometric scanner, a security module, and a GSM module.
  • the security module is installed under an operating system of the mobile device operating system.
  • the security module communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function.
  • the security module is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command.
  • the security module is configured to activate a biometric scanner on initiating a flash request on the portable communication device.
  • the biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access.
  • the security module is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM.
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • the security module is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails.
  • a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the system further comprises a IMEI module configured to receive message that directly communicates with the IMEI number of the portable communication device.
  • the lock command restricts the functionality of the device.
  • the system further comprises a biometric scanner configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification.
  • the system includes a Global Positioning system or GPS module for determining location information.
  • a method for locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module) in GSM based devices.
  • SIM Subscriber Identity Module
  • the embodiment herein prevents an unauthorized user from removing the SIM.
  • the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the device.
  • the trigger message is any one of an email, and a SMS.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the security module provides data security and prevents an unauthorized user from using the portable communication device. Further, the security module enables a user to send a lock message to initiate a locking of the lost mobile device, thereby preventing a misuse of the portable communication device.
  • the server permits access to the owner upon submitting a command to lock the device when the mobile device is lost or stolen, by using the contact details and the password of the owner of the lost mobile device.
  • the serial number and/or telephone number of the mobile device is automatically stored in the server for registering with the lock service so that the device is identified when an instruction for locking the mobile device is received from the registered user of the mobile device.
  • a method for locking a lost portable communication device comprises providing a user interface (UI) to the registered user of the mobile device to provide an option to register for a locking service of a remote device. Further, the registered owner of the mobile device enters an emergency contact number and a password during the registering of the device with the device manufacturer.
  • the method involves sending a trigger message to the emergency contact number when an unauthorized user accesses the mobile device.
  • the trigger message includes a location information of the device and a confirmation request to lock the device.
  • the location information is a GPS location of the device.
  • the lock command in the trigger message is a remotely initiated instruction sent via a server to the lost mobile device to stop either a partial of fully operational functionalities of the lost mobile device remotely.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • FIG. 1 is a flowchart explaining a method for providing data security in a portable communication device.
  • a security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function (100).
  • a user is enabled to initiate a message from a registered mobile device when the portable communication device is lost (102).
  • the message comprises a lock command.
  • a biometric scanner is activated on initiating a flash request on the portable communication device (104).
  • the biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access.
  • a trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM (106).
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails (108).
  • locking of the portable communication device provides data security.
  • the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command.
  • the lock command restricts the functionality of the device.
  • the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification.
  • the step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success.
  • the step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the location information is a GPS location of the device provided by the GPS module.
  • FIG. 2 is a flowchart illustrating the steps of locking a lost portable communication device with an SMS, according to one embodiment of the embodiment herein.
  • the embodiment herein provides data security and prevents an unauthorized user from using the lost (stolen or misplaced) portable communication device a portable communication device, hereinafter referred to as a device.
  • the mobile device is identified using an equipment identifier known as an internal mobile equipment identity (IMEI). Each IMEI number is mapped with a user profile. A user registers his ⁇ her mobile device with the Digital Identity Management Service (DIMS). Further, the Digital Identity Management Service (DIMS) is designed to keep the records of the IMEI number of phones.
  • IMEI equipment identifier
  • DIMS Digital Identity Management Service
  • the device provides an owner to pre-register with a device lock service.
  • the system includes a server permitting access to the owner upon submitting a command to lock the device when the registered mobile device is later lost or stolen, by using the contact details and the password of the registered owner.
  • the serial number and/or telephone number of registered mobile device is automatically stored in the server for registering with the lock service so that the registered device is identified, when an instruction for locking the registered device is received from an authorized/registered owner of the mobile device.
  • the method for locking a lost portable communication device with an SMS comprises the following steps of processes.
  • the portable mobile device displays a user interface (UI) for providing the owner with an option to register for a remote device lock service. Further, the owner enters the emergency contact number and a password during the registration of the mobile device with the respective device manufacturer.
  • the loss of the mobile device is reported.
  • an unauthorized user access the lost mobile device and attempts to use the lost mobile device by changing the carrier or by flashing the device.
  • the lost mobile device sends a trigger message to the emergency contact number using the security module.
  • the trigger message includes a location information of the lost mobile device and a confirmation request to lock the lost mobile device.
  • the address comprises a GPS location of the lost mobile device.
  • the method enables the user to track the lost mobile device with the GPS location.
  • the registered owner of the lost mobile device sends an SMS with a lock command.
  • the lock command is a remotely initiated instruction sent via a server to the lost mobile device to stop the operational functionalities of the lost mobile device either fully or partially.
  • the lock command will be a kill switch.
  • the lock command disables every functions, but displays a telephone number to call to report that the lost mobile device has been found, or an email address to contact, or both.
  • the lost mobile device is permitted only to contact this number or email, without being permitted to contact other emails or numbers, except perhaps an emergency services number.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the mobile device provides an owner to subscribe to lock service following theft or loss of a device.
  • the system receives a request to lock the device, which is received by the registered owner via a terminal.
  • the server establishes a communication link with the device, which is initiated either by the lost mobile device or the server.
  • the server sends a lock command to the lost mobile device.
  • the lock command results in a reduction of functionality available on the lost mobile device.
  • the device is limited to calling a specified number to inform a responsible party of the whereabouts of the device, when the device is a mobile phone.
  • the lost device is simply configured to display a number to call or an email address to contact.
  • the system for locking the device with the SMS automatically publishes the device and its identifying details, such as a serial number, in the lost and found database.
  • the details may already be stored there and a flag is simply be set to indicate that the device is now lost or stolen, which results in publishing the details of the lost or stolen device.
  • a single command is used/ sufficient for sending a request for locking the lost mobile device and publishing the details of the locked mobile device that is lost and found in a database.
  • the system for locking a lost device further enables a person to retrieve the lost mobile device after the lost mobile device is found.
  • the system receives a notification that the mobile device which is reported and published as lost or stolen has been found.
  • the finder of the mobile device is verified, for example, that the serial number of the device matches the serial number displayed on a website that presents information about devices marked in the database as lost or stolen.
  • the system and method of embodiment herein provides a data security and helps to retrieve the lost mobile device.
  • the system enables the authorized/registered user to send a message with the lock command and stop the functionality of the lost mobile device.
  • FIG. 3 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to flash, according to one embodiment of the embodiment herein.
  • the embodiment herein provides data security and prevents an unauthorized user from flashing the portable communication device.
  • the portable communication device verifies any user accessing the device using biometrics authentication.
  • the biometric authentication is any one of voice analysis, facial recognition, and finger print verification.
  • the user is permitted to access the device only if he is authenticated using biometrics.
  • a user registers his ⁇ her biometric profile data including his ⁇ her voice and facial image with the Digital Identity Management Service (DIMS). Further, the Digital Identity Management Service (DIMS) is used to keep records of the IMEI number of phones.
  • the mobile device is identified using an equipment identifier known as an internal mobile equipment identity (IMEI). Each IMEI number is mapped with a biometric profile.
  • IMEI equipment identifier
  • Each IMEI number is mapped with a biometric profile.
  • a portable communication device is reported as lost (stolen or misplaced).
  • an unauthorized user access the lost device and attempts to use the lost device by changing the carrier.
  • the user initiates flashing of the lost device.
  • the lost device requests for biometric authentication to initiate flashing.
  • the biometric data is compared to the biometric profile registered with the respective device.
  • the user is denied access to flash the lost device if the biometric data does not match with the biometric profile.
  • the lost device initiates a lock command when user fails to verify the identity using biometnc data. The lock command restricts the functionality of the lost device.
  • the lock command is a remotely initiated instruction sent via a server to the lost device to stop operation of the lost device, either in full or partially. It may mean 'killing' the device so that it becomes completely inoperable, in which case the lock command will be a kill switch. Alternately, the lock command disables every functions, but displays a telephone number to call to report that the lost device has been found, or an email address to contact, or both. The lost device is permitted to contact this number or email, without being permitted to contact other emails or numbers, except perhaps an emergency services number.
  • Non-limiting examples of a device include a laptop, cell phone, personal digital assistant, smart phone, memory stick, personal media device, gaming device, personal computer, tablet computer, electronic book, and netbook.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • FIG. 4 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module), according to one embodiment of the embodiment herein.
  • SIM Subscriber Identity Module
  • the embodiment herein prevents an unauthorized user from removing SIM.
  • the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the lost device.
  • the trigger message is one of an email, and a SMS.
  • an unauthorized user attempts to replace the existing SIM with a new SIM in the lost device.
  • the new SIM enables the unauthorized user to perform cellular functions in the lost device.
  • a trigger message is sent to the registered number in response to change in existing SIM.
  • the registered number is the number of an authorized user's friend or relative.
  • the trigger message includes the location information of the lost device and confirmation request to lock the device.
  • the authorized user responds to the trigger message by sending a confirmation message to lock the lost device.
  • the lost device is locked.
  • the lock command restricts the functionality of the lost device.
  • the lock command is a remotely initiated instruction sent via a server to the lost device to stop the functioning of the lost device and software in the lost device, either in full or partially.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • FIG. 5 is a block diagram of the system for providing data security.
  • the system for providing data security in a portable communication device comprises security module 502, biometric scanner 504, IMEI module 506, and GPS module 508.
  • the security module 502 is installed under an operating system of the mobile device operating system.
  • the security module 502 communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function.
  • the security module 502 is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, the security module 502 is configured to activate a biometric scanner on initiating a flash request on the portable communication device.
  • the biometric scanner 504 authenticates a user accessing the portable communication device and prevent unauthorized access.
  • the security module 502 is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM.
  • the trigger message comprises a lock request confirmation and a location information of the portable communication device.
  • the security module 502 is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails.
  • the system further comprises the IMEI module 506 configured to receive message that directly communicates with the IMEI number of the portable communication device.
  • the lock command restricts the functionality of the device.
  • the system further comprises the biometric scanner 504 configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification.
  • the system includes a Global Positioning system or GPS module 508 for determining location information.
  • a One Time Password is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request.
  • the locking application is configured to generate OTP.
  • the locking application is embedded in the factory setting.
  • the registered mobile number is asked to resend the OTP.
  • the locking command application is configured to authenticate and verify the OTP received from the registered number.
  • the application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
  • the embodiments herein provide a system and method for providing data security and prevents an unauthorized user from using the lost or stolen portable communication device.
  • the system and method of embodiment herein provides data security and helps to retrieve the device. In case, the device is not able to be retrieved, the system enables the user to send a message with the lock command and stop the functionality of the device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

A system and a method for providing data security and locking a lost portable communication device is disclosed. The method initiates a short media message (SMS) including a lock command that directly communicates with the IMEI number of the portable communication device. The lock command restricts the functionality of the device. The system provides data security and prevents an unauthorized user from flashing the portable communication device. The system for locking portable communication device includes an IMEI module, a security module, a server and a GSM module.

Description

A SYSTEM AND A METHOD FOR LOCKING A LOST PORTABLE
COMMUNICATION DEVICE
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This patent application claims the priority of the Indian Provisional Patent Application filed on March 10, 2016 and subsequently Post-dated by 6 months to September 10, 2016 with the number 201641008329 and titled, "SYSTEM AND METHOD FOR LOCKING A LOST PORTABLE COMMUNICATION DEVICE THROUGH SMS", and also claims the priority of another Indian Provisional Patent Application filed on March 14, 2016 and subsequently Post-dated by 6 months to September 14, 2016 with the number 201641008754 and titled, "SYSTEM AND METHOD FOR LOCKING A STOLEN PORTABLE COMMUNICATION DEVICE" and also the contents of which are incorporated herein by the way of reference.
BACKGROUND
Technical Field
[0002] The embodiment herein is generally related to the field of mobile communication devices. The embodiment herein is particularly related to a system and method for preventing misuse of lost portable communication device by an unauthorized user. The embodiment herein is more particularly related to a system and method for sending a message to lock a lost (misplaced or stolen) portable communication device.
Description of the Related Art
[0003] As communication using mobile phones increased extensively, the problem of mobile phone safety has become crucial. Currently, the mobile phone devices contain an electronic module known as subscriber identity module (SIM). Further, the mobile device is identified using an equipment identifier known as internal mobile equipment identity (IMEI).
[0004] Each mobile communication device carries a unique device-id (device identification) which is known as International Mobile Equipment Identity (IMEI) in Global System for Mobile Communications (GSM). This device-id can be used by a network service provider to trace/track the mobile communication device and to block the mobile communication device, if the mobile communication device is stolen and reused by somebody else. GSM network architecture has a node defined in the network called Equipment Identification Register (EIR), which maintains a list of black listed, white listed and grey listed mobile communication devices.
[0005] The existing methods involves in blocking the IMEI number by communicating with a network provider. The method is deployed to track the IMEI of the devices under service in a network and further map the IMEI with a database of stolen devices. This method is strenuous and does not provide sufficient protection.
[0006] In CDMA systems, the users typically block the SIM once the mobile phone is lost. However, an unauthorized user can flash the mobile phone and use the same with a different carrier. Hackers can change the IMEI of the mobile phones. There are no system to block the functionality of the mobile phone once the mobile device is lost. Further, there are no systems that directly communicate with the IMEI of the lost mobile phone.
[0007] In view of the above discussion, there exists a need for a system and method to lock a portable communication device incase of loss and provide data security. Further, there exists need for a method and system for preventing the use of the portable communication device by replacing existing SIM. Furthermore, there exists need for a method for preventing the use of the portable communication device by flashing.
[0008] The above-mentioned shortcomings, disadvantages and problems are addressed herein, which will be understood by reading and studying the following specification.
OBIECTS OF THE EMBODIMENTS
[0009] The primary object of the embodiment herein is to provide a system and method for data security in a portable communication device by providing options for locking the device.
[0010] Another object of the embodiment herein is to provide a system and method for enabling a biometric scanner to prevent an unauthorized user from flashing the portable communication device.
[0011] Yet another object of the embodiment herein is to provide a method and system for initiating a trigger message including locking request and device location, when an attempt is made to replace existing SIM (Subscriber Identity Module), thereby preventing misuse of the device.
[0012] Yet another object of the embodiment herein is to provide a method and system for initiating a locking of a stolen or lost portable communication device when a SIM is replaced or biometric authentication fails.
[0013] Yet another object of the embodiment herein is to provide a method and system for locking a lost portable communication device by sending a short media message (SMS). [0014] Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by a message that directly communicates with the IMEI number.
[0015] Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by sending a short media message with lock command.
[0016] Yet another object of the embodiment herein is to provide a method and system for locking the lost portable communication device by initiating a trigger message from the lost communication device to a registered mobile number with a location information and a lock request.
[0017] These and other objects and advantages of the embodiment herein will become readily apparent from the following detailed description taken in conjunction with the accompanying drawings.
SUMMARY
[0018] The various embodiments of the embodiment herein disclose a system and method for immediately locking a lost portable communication device by sending a short media service (SMS). The SMS initiates a lock command that directly communicates with the IMEI number of the portable communication device.
[0019] According to an embodiment herein, a method for providing data security in a portable communication device is disclosed. A security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function. A user is enabled to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, a biometric scanner is activated on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access. A trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM. The trigger message comprises a lock request confirmation and a location information of the portable communication device. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated. Further, a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails. Thus, locking of the portable communication device provides data security.
[0020] According to an embodiment herein, the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command. The lock command restricts the functionality of the device.
[0021] According to an embodiment herein, the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification. The step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success. The step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device.
[0022] According to an embodiment herein, the location information is a GPS location of the device provided by the GPS module.
[0023] According to an embodiment herein, the system for providing data security in a portable communication device comprises an IMEI module, a biometric scanner, a security module, and a GSM module. The security module is installed under an operating system of the mobile device operating system. The security module communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function. The security module is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, the security module is configured to activate a biometric scanner on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access. The security module is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM. The trigger message comprises a lock request confirmation and a location information of the portable communication device. The security module is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0024] According to an embodiment herein, the system further comprises a IMEI module configured to receive message that directly communicates with the IMEI number of the portable communication device. The lock command restricts the functionality of the device. The system further comprises a biometric scanner configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification. The system includes a Global Positioning system or GPS module for determining location information.
[0025] According to one embodiment of the embodiment herein, a method is provided for locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module) in GSM based devices. In GSM enabled devices, the embodiment herein prevents an unauthorized user from removing the SIM. According to one embodiment of the embodiment herein, the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the device. The trigger message is any one of an email, and a SMS. Once the device is lost, a user blocks the SIM in the device so that an authorized person does not misuse the SIM. [0026] According to one embodiment of the embodiment herein, a method is provided for locking a lost portable communication device during an attempt to flash CDMA based devices. The embodiment herein provides a data security and prevents an unauthorized user from flashing the portable communication device. According to one embodiment of the embodiment herein, the portable communication device verifies any user accessing the device using biometrics authentication. The biometric authentication is selected from a group consisting of a voice analysis, a facial recognition, and a finger print verification. Further, the device initiates a lock command when the user fails to verify the identity using biometric data. The lock command restricts the functionality of the device.
[0027] According to one embodiment of the embodiment herein, the security module provides data security and prevents an unauthorized user from using the portable communication device. Further, the security module enables a user to send a lock message to initiate a locking of the lost mobile device, thereby preventing a misuse of the portable communication device. The server permits access to the owner upon submitting a command to lock the device when the mobile device is lost or stolen, by using the contact details and the password of the owner of the lost mobile device. Likewise, the serial number and/or telephone number of the mobile device is automatically stored in the server for registering with the lock service so that the device is identified when an instruction for locking the mobile device is received from the registered user of the mobile device. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0028] According to one embodiment of the embodiment herein, a method for locking a lost portable communication device is provided. The method comprises providing a user interface (UI) to the registered user of the mobile device to provide an option to register for a locking service of a remote device. Further, the registered owner of the mobile device enters an emergency contact number and a password during the registering of the device with the device manufacturer. When a loss of the mobile device is reported, the method involves sending a trigger message to the emergency contact number when an unauthorized user accesses the mobile device. The trigger message includes a location information of the device and a confirmation request to lock the device. The location information is a GPS location of the device. Thus, the method enables the user to track the device with the GPS location. The lock command in the trigger message is a remotely initiated instruction sent via a server to the lost mobile device to stop either a partial of fully operational functionalities of the lost mobile device remotely. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0029] These and other aspects of the embodiments herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following descriptions, while indicating the preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Many changes and modifications may be made within the scope of the embodiments herein without departing from the spirit thereof, and the embodiments herein include all such modifications.
BRIEF DESCRIPTION OF THE DRAWINGS
[0030] The other objects, features and advantages will occur to those skilled in the art from the following description of the preferred embodiment and the accompanying drawings in which:
[0031] FIG. 1 is a flowchart explaining a method for providing data security in a portable communication device.
[0032] FIG. 2 illustrates a flowchart explaining a method for locking a lost portable device through SMS message, according to one embodiment of the embodiment herein.
[0033] FIG. 3 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to flash
[0034] FIG. 4 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module), according to one embodiment of the embodiment herein. [0035] FIG. 5 is a block diagram of a system for providing data security.
[0036] Although the specific features of the embodiment herein are shown in some drawings and not in others. This is done for convenience only as each feature may be combined with any or all of the other features in accordance with the embodiment herein.
DETAILED DESCRIPTION OF THE EMBODIMENTS HEREIN
[0037] In the following detailed description, a reference is made to the accompanying drawings that form a part hereof, and in which the specific embodiments that may be practiced is shown by way of illustration. These embodiments are described in sufficient detail to enable those skilled in the art to practice the embodiments and it is to be understood that other changes may be made without departing from the scope of the embodiments. The following detailed description is therefore not to be taken in a limiting sense.
[0038] The various embodiments of the embodiment herein disclose a system and method for immediately locking a lost portable communication device by sending a short media service (SMS). The SMS initiates a lock command that directly communicates with the IMEI number of the portable communication device.
[0039] According to an embodiment herein, a method for providing data security in a portable communication device is disclosed. A security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function. A user is enabled to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, a biometric scanner is activated on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access. A trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM. The trigger message comprises a lock request confirmation and a location information of the portable communication device. Further, a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails. Thus, locking of the portable communication device provides data security.
[0040] According to an embodiment herein, the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command. The lock command restricts the functionality of the device. According to an embodiment herein, the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification. The step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success. The step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0041] According to an embodiment herein, the location information is a GPS location of the device provided by the GPS module.
[0042] According to an embodiment herein, the system for providing data security in a portable communication device comprises an IMEI module, a biometric scanner, a security module, and a GSM module. The security module is installed under an operating system of the mobile device operating system. The security module communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function. The security module is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, the security module is configured to activate a biometric scanner on initiating a flash request on the portable communication device. The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access. The security module is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM. The trigger message comprises a lock request confirmation and a location information of the portable communication device. The security module is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails. A One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0043] According to an embodiment herein, the system further comprises a IMEI module configured to receive message that directly communicates with the IMEI number of the portable communication device. The lock command restricts the functionality of the device. The system further comprises a biometric scanner configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification. The system includes a Global Positioning system or GPS module for determining location information.
[0044] According to one embodiment of the embodiment herein, a method is provided for locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module) in GSM based devices. In GSM enabled devices, the embodiment herein prevents an unauthorized user from removing the SIM. According to one embodiment of the embodiment herein, the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the device. The trigger message is any one of an email, and a SMS. Once the device is lost, a user blocks the SIM in the device so that an authorized person does not misuse the SIM.
[0045] According to one embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0046] According to one embodiment of the embodiment herein, the security module provides data security and prevents an unauthorized user from using the portable communication device. Further, the security module enables a user to send a lock message to initiate a locking of the lost mobile device, thereby preventing a misuse of the portable communication device. The server permits access to the owner upon submitting a command to lock the device when the mobile device is lost or stolen, by using the contact details and the password of the owner of the lost mobile device. Likewise, the serial number and/or telephone number of the mobile device is automatically stored in the server for registering with the lock service so that the device is identified when an instruction for locking the mobile device is received from the registered user of the mobile device. [0047] According to one embodiment of the embodiment herein, a method for locking a lost portable communication device is provided. The method comprises providing a user interface (UI) to the registered user of the mobile device to provide an option to register for a locking service of a remote device. Further, the registered owner of the mobile device enters an emergency contact number and a password during the registering of the device with the device manufacturer. When a loss of the mobile device is reported, the method involves sending a trigger message to the emergency contact number when an unauthorized user accesses the mobile device. The trigger message includes a location information of the device and a confirmation request to lock the device. The location information is a GPS location of the device. Thus, the method enables the user to track the device with the GPS location. The lock command in the trigger message is a remotely initiated instruction sent via a server to the lost mobile device to stop either a partial of fully operational functionalities of the lost mobile device remotely.
[0048] According to one embodiment of the embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated. [0049] FIG. 1 is a flowchart explaining a method for providing data security in a portable communication device. A security module is installed under an operating system of the mobile device operating system, wherein each security module comprises components that implement locking function (100). A user is enabled to initiate a message from a registered mobile device when the portable communication device is lost (102). The message comprises a lock command. Further, a biometric scanner is activated on initiating a flash request on the portable communication device (104). The biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access. A trigger message is initiated from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM (106). The trigger message comprises a lock request confirmation and a location information of the portable communication device. Further, a locking of the portable communication device is activated when a SIM is replaced or biometric authentication fails (108). Thus, locking of the portable communication device provides data security.
[0050] According to an embodiment herein, the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command. The lock command restricts the functionality of the device. According to an embodiment herein, the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification. The step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success. The step of enabling a user to initiate a message further comprises sending a request to a server with contact details and password corresponding to the portable communication device. Further, the portable communication device associated with the contact details is identified. Thereafter, a message is sent from the server to the identified portable communication device.
[0051] According to an embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0052] According to an embodiment herein, the location information is a GPS location of the device provided by the GPS module.
[0053] FIG. 2 is a flowchart illustrating the steps of locking a lost portable communication device with an SMS, according to one embodiment of the embodiment herein. The embodiment herein provides data security and prevents an unauthorized user from using the lost (stolen or misplaced) portable communication device a portable communication device, hereinafter referred to as a device.
[0054] In CDMA based systems, the mobile device is identified using an equipment identifier known as an internal mobile equipment identity (IMEI). Each IMEI number is mapped with a user profile. A user registers his\her mobile device with the Digital Identity Management Service (DIMS). Further, the Digital Identity Management Service (DIMS) is designed to keep the records of the IMEI number of phones.
[0055] According to one embodiment of the embodiment herein, the device provides an owner to pre-register with a device lock service. The system includes a server permitting access to the owner upon submitting a command to lock the device when the registered mobile device is later lost or stolen, by using the contact details and the password of the registered owner. Likewise, the serial number and/or telephone number of registered mobile device is automatically stored in the server for registering with the lock service so that the registered device is identified, when an instruction for locking the registered device is received from an authorized/registered owner of the mobile device.
[0056] With reference to FIG. 1, the method for locking a lost portable communication device with an SMS comprises the following steps of processes. At step 200, the portable mobile device displays a user interface (UI) for providing the owner with an option to register for a remote device lock service. Further, the owner enters the emergency contact number and a password during the registration of the mobile device with the respective device manufacturer. At step 202, the loss of the mobile device is reported. At step 204, an unauthorized user access the lost mobile device and attempts to use the lost mobile device by changing the carrier or by flashing the device. At step 206, the lost mobile device sends a trigger message to the emergency contact number using the security module. The trigger message includes a location information of the lost mobile device and a confirmation request to lock the lost mobile device. The address comprises a GPS location of the lost mobile device. Thus, the method enables the user to track the lost mobile device with the GPS location.
[0057] At step 208, the registered owner of the lost mobile device sends an SMS with a lock command. The lock command is a remotely initiated instruction sent via a server to the lost mobile device to stop the operational functionalities of the lost mobile device either fully or partially. Thus the mobile device completely shut down or 'killed' so that the lost mobile is completely not operable, in which case, the lock command will be a kill switch. Alternately, the lock command disables every functions, but displays a telephone number to call to report that the lost mobile device has been found, or an email address to contact, or both. The lost mobile device is permitted only to contact this number or email, without being permitted to contact other emails or numbers, except perhaps an emergency services number.
[0058] According to an embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0059] According to one embodiment of the embodiment herein, the mobile device provides an owner to subscribe to lock service following theft or loss of a device. The system receives a request to lock the device, which is received by the registered owner via a terminal. Afterwards, the server establishes a communication link with the device, which is initiated either by the lost mobile device or the server. The server sends a lock command to the lost mobile device. The lock command results in a reduction of functionality available on the lost mobile device. For example, the device is limited to calling a specified number to inform a responsible party of the whereabouts of the device, when the device is a mobile phone. Alternately, the lost device is simply configured to display a number to call or an email address to contact.
[0060] According to one embodiment of the embodiment herein, the system for locking the device with the SMS automatically publishes the device and its identifying details, such as a serial number, in the lost and found database. The details may already be stored there and a flag is simply be set to indicate that the device is now lost or stolen, which results in publishing the details of the lost or stolen device. When the registered owner has logged on to the server, a single command is used/ sufficient for sending a request for locking the lost mobile device and publishing the details of the locked mobile device that is lost and found in a database.
[0061] According to one embodiment of the embodiment herein, the system for locking a lost device further enables a person to retrieve the lost mobile device after the lost mobile device is found. The system receives a notification that the mobile device which is reported and published as lost or stolen has been found. The finder of the mobile device is verified, for example, that the serial number of the device matches the serial number displayed on a website that presents information about devices marked in the database as lost or stolen. Thus, the system and method of embodiment herein provides a data security and helps to retrieve the lost mobile device. In case, the lost mobile device is not retrieved, the system enables the authorized/registered user to send a message with the lock command and stop the functionality of the lost mobile device.
[0062] FIG. 3 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to flash, according to one embodiment of the embodiment herein. The embodiment herein provides data security and prevents an unauthorized user from flashing the portable communication device. According to one embodiment of the embodiment herein, the portable communication device verifies any user accessing the device using biometrics authentication. The biometric authentication is any one of voice analysis, facial recognition, and finger print verification. In accordance with the embodiment herein, the user is permitted to access the device only if he is authenticated using biometrics.
[0063] A user registers his\her biometric profile data including his\her voice and facial image with the Digital Identity Management Service (DIMS). Further, the Digital Identity Management Service (DIMS) is used to keep records of the IMEI number of phones. In CDMA based systems, the mobile device is identified using an equipment identifier known as an internal mobile equipment identity (IMEI). Each IMEI number is mapped with a biometric profile.
[0064] At step 300, a portable communication device, is reported as lost (stolen or misplaced). At step 302, an unauthorized user access the lost device and attempts to use the lost device by changing the carrier. In order to change the carrier, the user initiates flashing of the lost device. At step 304, the lost device requests for biometric authentication to initiate flashing. At step 306, the biometric data is compared to the biometric profile registered with the respective device. At step 308, the user is denied access to flash the lost device if the biometric data does not match with the biometric profile. At step 310, the lost device initiates a lock command when user fails to verify the identity using biometnc data. The lock command restricts the functionality of the lost device. The lock command is a remotely initiated instruction sent via a server to the lost device to stop operation of the lost device, either in full or partially. It may mean 'killing' the device so that it becomes completely inoperable, in which case the lock command will be a kill switch. Alternately, the lock command disables every functions, but displays a telephone number to call to report that the lost device has been found, or an email address to contact, or both. The lost device is permitted to contact this number or email, without being permitted to contact other emails or numbers, except perhaps an emergency services number.
[0065] Non-limiting examples of a device include a laptop, cell phone, personal digital assistant, smart phone, memory stick, personal media device, gaming device, personal computer, tablet computer, electronic book, and netbook.
[0066] According to an embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated. [0067] FIG. 4 illustrates a flowchart explaining a method of locking a lost portable communication device during an attempt to change SIM (Subscriber Identity Module), according to one embodiment of the embodiment herein. In GSM enabled devices, the embodiment herein prevents an unauthorized user from removing SIM. According to one embodiment of the embodiment herein, the portable communication device sends a trigger message to a registered number when the unauthorized user removes SIM from the lost device. The trigger message is one of an email, and a SMS. Once the device is lost, a user blocks the SIM in the lost device so that an authorized person does not misuse the SIM. However, the unauthorized user attempts to communicate through the lost device by replacing the existing SIM with a new SIM.
[0068] At step 402, an unauthorized user attempts to replace the existing SIM with a new SIM in the lost device. The new SIM enables the unauthorized user to perform cellular functions in the lost device. At step 404, a trigger message is sent to the registered number in response to change in existing SIM. The registered number is the number of an authorized user's friend or relative. The trigger message includes the location information of the lost device and confirmation request to lock the device. At step 406, the authorized user responds to the trigger message by sending a confirmation message to lock the lost device. At step 408, the lost device is locked. The lock command restricts the functionality of the lost device. The lock command is a remotely initiated instruction sent via a server to the lost device to stop the functioning of the lost device and software in the lost device, either in full or partially. It may mean 'killing' the device so that it becomes completely inoperable, in which case the lock command will be a kill switch. Thus, the method prevents the unauthorized user from using the lost device. Further, the data in the lost device is protected from misuse. [0069] According to an embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0070] FIG. 5 is a block diagram of the system for providing data security. According to an embodiment herein, the system for providing data security in a portable communication device comprises security module 502, biometric scanner 504, IMEI module 506, and GPS module 508. The security module 502 is installed under an operating system of the mobile device operating system. The security module 502 communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function. The security module 502 is configured to enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command. Further, the security module 502 is configured to activate a biometric scanner on initiating a flash request on the portable communication device. The biometric scanner 504 authenticates a user accessing the portable communication device and prevent unauthorized access. The security module 502 is configured to initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM. The trigger message comprises a lock request confirmation and a location information of the portable communication device. The security module 502 is further configured to initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails.
[0071] According to an embodiment herein, the system further comprises the IMEI module 506 configured to receive message that directly communicates with the IMEI number of the portable communication device. The lock command restricts the functionality of the device. The system further comprises the biometric scanner 504 configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification. The system includes a Global Positioning system or GPS module 508 for determining location information.
[0072] According to an embodiment herein, a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
[0073] These and other aspects of the embodiments herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following descriptions, while indicating the preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Many changes and modifications may be made within the scope of the embodiments herein without departing from the spirit thereof, and the embodiments herein include all such modifications.
[0074] The embodiments herein provide a system and method for providing data security and prevents an unauthorized user from using the lost or stolen portable communication device. The system and method of embodiment herein provides data security and helps to retrieve the device. In case, the device is not able to be retrieved, the system enables the user to send a message with the lock command and stop the functionality of the device.
[0075] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such as specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments.
[0076] It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modifications. However, all such modifications are deemed to be within the scope of the claims to be submitted at the time of filing a complete specification.

Claims

CLAIMS: What is claimed is:
1. A method for providing data security in a portable communication device, the method comprising:
installing a security module under an operating system of the mobile device operating system, wherein the security module communicates with a hardware processor coupled to a memory containing instructions configured for implementing locking function; enabling a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command; sending a onetime password (OTP) on the registered mobile device to authenticate the user activating a biometric scanner on initiating a flash request on the portable communication device, wherein the biometric scanner authenticates a user accessing the portable communication device and prevent unauthorized access; initiating a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM, wherein the trigger message comprises a lock request confirmation and a location information of the portable communication device; sending a one-time password to the registered mobile number when the trigger message is initiated to authenticate the user; and initiating a locking of the portable communication device when a SIM is replaced or biometric authentication fails, wherein locking of the portable communication device provides data security;
wherein a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
2. The method as claimed in claim 1, wherein the message sent from the registered mobile number directly communicates with the IMEI number of the portable communication device to activate locking command.
3. The method as claimed in claim 1, wherein the lock command restricts the functionality of the device.
4. The method as claimed in claim 1, wherein the biometric authentication is at least one of voice analysis, facial recognition, and finger print verification.
5. The method as claimed in claim 1, wherein the step of activating a biometric scanner further comprises enabling the user to access the portable communication device when the biometric authentication is a success.
6. The method as claimed in claim 1, wherein the step of enabling a user to initiate a message further comprises
sending a request to a server with contact details and password corresponding to the portable communication device;
identifying the portable communication device associated with the contact details;
sending the message from the server to the identified portable communication device.
7. The method as claimed in claim 1, wherein the location information is a GPS location of the device.
8. A system for providing data security in a portable communication device, the system comprising:
a security module installed under an operating system of the mobile device operating system, wherein the security module communicates with a hardware processor coupled to a memory containing instructions configured for implanting locking function, wherein the security module is configured to: enable a user to initiate a message from a registered mobile device when the portable communication device is lost, wherein the message comprises a lock command;
send a one-time password to the registered mobile number when the trigger message is initiated to authenticate the user; and
activate a biometric scanner on initiating a flash request on the portable communication device, wherein the biometric scanner authenticates a user accessing the portable communication device and prevent unauthorised access; initiate a trigger message from the portable communication device to a registered mobile number when an attempt is made to replace existing SIM, wherein the trigger message comprises a lock request confirmation and a location information of the portable communication device;
send a one-time password to the registered mobile number when the trigger message is initiated to authenticate the user; and
initiate a locking of the portable communication device when a SIM is replaced or biometric authentication fails;
wherein a One Time Password (OTP) is generated and shared to the registered mobile number upon receiving the trigger message comprising lock request. The locking application is configured to generate OTP. The locking application is embedded in the factory setting. The registered mobile number is asked to resend the OTP. The locking command application is configured to authenticate and verify the OTP received from the registered number. The application is configured to issue a lock command and kill command to lock and kill the personal data, when the OTP received from the registered mobile number is verified and authenticated.
9. The system as claimed in claim 8, further comprises a IMEI module configured to receive message that directly communicates with the IMEI number of the portable communication device.
10. The system as claimed in claim 8, wherein the lock command restricts the functionality of the device.
11. The system as claimed in claim 8, further comprises a biometric scanner configured to perform biometric authentication through one of voice analysis, facial recognition, and finger print verification.
12. The system as claimed in claim 8, further comprises a Global Positioning system or GPS module for determining location information.
PCT/IN2017/050391 2016-09-10 2017-09-09 A system and a method for locking a lost portable communication device WO2018047203A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
IN201641008329 2016-09-10
IN201641008329 2016-09-10
IN201641008754 2016-09-14
IN201641008754 2016-09-14

Publications (1)

Publication Number Publication Date
WO2018047203A1 true WO2018047203A1 (en) 2018-03-15

Family

ID=61562531

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2017/050391 WO2018047203A1 (en) 2016-09-10 2017-09-09 A system and a method for locking a lost portable communication device

Country Status (1)

Country Link
WO (1) WO2018047203A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10993107B2 (en) 2019-03-01 2021-04-27 At&T Intellectual Property I, L.P. Multi-factor autonomous SIM lock

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100151822A1 (en) * 2008-12-12 2010-06-17 Microsoft Corporation Security Protocols for Mobile Operator Networks
US20140032691A1 (en) * 2011-10-11 2014-01-30 Citrix Systems, Inc. Policy-Based Application Management

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100151822A1 (en) * 2008-12-12 2010-06-17 Microsoft Corporation Security Protocols for Mobile Operator Networks
US20140032691A1 (en) * 2011-10-11 2014-01-30 Citrix Systems, Inc. Policy-Based Application Management

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10993107B2 (en) 2019-03-01 2021-04-27 At&T Intellectual Property I, L.P. Multi-factor autonomous SIM lock
US11558751B2 (en) 2019-03-01 2023-01-17 At&T Intellectual Property I, L.P. Multi-factor autonomous sim lock
US12081992B2 (en) 2019-03-01 2024-09-03 At&T Intellectual Property I, L.P. Multi-factor autonomous SIM lock

Similar Documents

Publication Publication Date Title
US12001857B2 (en) Device locator disable authentication
US9112905B2 (en) Authentication of access terminal identities in roaming networks
US10440034B2 (en) Network assisted fraud detection apparatus and methods
EP2196045B1 (en) System and method for protecting data in wireless devices
EP2266070B1 (en) System for mitigating the unauthorized use of a device
US9916481B2 (en) Systems and methods for mitigating the unauthorized use of a device
US8204475B2 (en) Method and apparatus for preventing unauthorized use of computing devices
US20120237908A1 (en) Systems and methods for monitoring and managing use of mobile electronic devices
CA3038884C (en) Protecting mobile devices from unauthorized device resets
US20120149330A1 (en) System and method to dynamically authenticate mobile devices
EP3166294B1 (en) Systems and methods for monitoring and managing use of mobile electronic devices
US20120144470A1 (en) User authentication method using location information
WO2018047203A1 (en) A system and a method for locking a lost portable communication device
KR20070037541A (en) Mobile communication terminal, control method thereof, and method for controlling a mobile communication service
CN111209561B (en) Application calling method and device of terminal equipment and terminal equipment
KR100923909B1 (en) Method and apparatus for remotely controlling of a mobile device
CN106162630B (en) Encryption protection method for terminal equipment
WO2014027242A1 (en) Systems and methods for mitigating the unauthorized use of a device
CN111465004B (en) Device activation enablement
EP3783938A1 (en) A method for resetting a personal code of a user of a telecommunication terminal and corresponding applet and server
GB2567045A (en) Method and apparatus for associating SIM card with a group of mobile communications devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17848310

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17848310

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 17848310

Country of ref document: EP

Kind code of ref document: A1