The United States Patent and Trademark Office today published an Apple patent application (via AppleInsider) describing methods for detecting the behavior of the person who is currently using the device and comparing them to past patterns. While the January 2013 patent application, "Generating Notifications Based on User Behavior", speaks relatively generically about such notifications, the invention's utility in providing device security seems clear.
This security method goes beyond the standard PIN-based security by examining cues such as grammar and vocabulary usage, motion sensor data, and gesture input to identify a user. Any changes from the recorded pattern of usage will send an alert that a new person is in control of the phone.
The phone then can either request that the person enter a password or Touch ID scan to confirm their identity or send a notification to a third-party service that alerts the original owner that their phone may be compromised.
A method for determining behavior associated with a user device, comprising: receiving behavior data identifying multiple types of user interaction with the user device; comparing the behavior data with patterns of behavior data associated with the user device, wherein the behavior-data patterns are generated from previously-received behavior data of an original user; determining a current user is potentially different from the original user based on the comparison of the behavior data with the patterns; and transmitting a command to the user device to lock the user device until the current user is verified as the original user.
Apple may be exploring this technology in response to increasing civil pressure to provide advanced security measures for its iOS devices. In the United States, a growing number of politicians, district attorneys and law enforcement officials on both the local and federal levels are asking mobile phone manufacturers to build a kill-switch feature that dissuades theft into their devices. While federal legislation makes it way through Congress, Minnesota earlier this year became the first state to require a kill switch in a mobile phone.
Top Rated Comments
Me: *hands phone to dad*
Siri: You type like an old man. Scan your thumb to verify your identity.
Me: *scans thumb and hands back phone*
Siri: You made an unusual search for "golf clubs". Scan your thumb to verify your identity.
Me: *scans thumb again*
Siri: You pinch to zoom like a noob and your posture has changed. Scan your thumb to verify your identity.
Me: Dad, just go get your iPhone.
…later that day, alone at home with my iPhone…
Siri: Your typing is much improved. Scan your thumb to verify your identity.
----------------------
Being chased by a murderer…
Me: *dialing 911*
Siri: You're trembling and typing erratically. Scan your thumb to verify your identity.
Me: *scans thumb*
Siri: Your thumb placement was unusual and your thumb very moist. Please scan your thumb again to verify your identity.
/dead lol
Why is this so hard to understand? I trust Apple more with my personal details simply because they have no core business reason to abuse them. Google (and Facebook, etc.) do, and so I am more wary of what I give them. Perfectly rational.
Then your pattern would be what the family does. If someone outside your family started using it and it was widely different to the pattern your family does, it'll flag up.
The iPhone protects criminal masterminds from the police in exactly the same way it protect you from criminal masterminds. And there is no need for cronies to do a remote wipe. Use a strong passcode (not four digits, but ten digits or 8 random letters), set the iPhone to lock automatically after a very short time, and nobody can crack it.
For a search warrant, the police would actually need concrete evidence that evidence is stored on the phone. Saying "he's a criminal mastermind, there is surely same evidence on the phone" won't do, and the criminal mastermind's lawyer will (rightfully) tear anyone apart in court who tries something like that.
----------
Wrong. All data on any iPhone is encrypted. The encryption key is stored on the device (it is itself encrypted, obviously, and can only be encrypted by you entering the passcode). For safety in case it is accidentally destroyed, it's stored in two places. Erasing these two places is all it takes, and after that the data on the phone is not readable by anyone.