Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Explores Detecting User Behavior Patterns to Enhance Device Security

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,441
30,642



touch_id_icon.jpg
The United States Patent and Trademark Office today published an Apple patent application (via AppleInsider) describing methods for detecting the behavior of the person who is currently using the device and comparing them to past patterns. While the January 2013 patent application, "Generating Notifications Based on User Behavior", speaks relatively generically about such notifications, the invention's utility in providing device security seems clear.

This security method goes beyond the standard PIN-based security by examining cues such as grammar and vocabulary usage, motion sensor data, and gesture input to identify a user. Any changes from the recorded pattern of usage will send an alert that a new person is in control of the phone.

The phone then can either request that the person enter a password or Touch ID scan to confirm their identity or send a notification to a third-party service that alerts the original owner that their phone may be compromised.
A method for determining behavior associated with a user device, comprising: receiving behavior data identifying multiple types of user interaction with the user device; comparing the behavior data with patterns of behavior data associated with the user device, wherein the behavior-data patterns are generated from previously-received behavior data of an original user; determining a current user is potentially different from the original user based on the comparison of the behavior data with the patterns; and transmitting a command to the user device to lock the user device until the current user is verified as the original user.
Click to expand...
Apple may be exploring this technology in response to increasing civil pressure to provide advanced security measures for its iOS devices. In the United States, a growing number of politicians, district attorneys and law enforcement officials on both the local and federal levels are asking mobile phone manufacturers to build a kill-switch feature that dissuades theft into their devices. While federal legislation makes it way through Congress, Minnesota earlier this year became the first state to require a kill switch in a mobile phone.

Article Link: Apple Explores Detecting User Behavior Patterns to Enhance Device Security
 
Article Link
https://www.macrumors.com/2014/07/17/apple-patent-security-behavior-patterns/
NightFox

NightFox

macrumors 68040
May 10, 2005
3,238
4,479
Shropshire, UK
Could be a pain for families who share devices - unless we're going to see user profiles? Though I doubt it as I think Apple would much prefer everyone to buy their own device
 
K

kolax

macrumors G3
Mar 20, 2007
9,181
115
How about Apple increases security by requiring more than just my passcode to view my saved password database? It's the same on OS X. I want to use a very long secure passphrase for it, but there's no way to do that with iCloud's keychain.

NightFox said:
Could be a pain for families who share devices - unless we're going to see user profiles? Though I doubt it as I think Apple would much prefer everyone to buy their own device
Click to expand...

Then your pattern would be what the family does. If someone outside your family started using it and it was widely different to the pattern your family does, it'll flag up.
 
ArtOfWarfare

ArtOfWarfare

macrumors G3
Nov 26, 2007
9,553
6,053
This sounds great. Security shouldn't be something that requires the user to specifically do something that they wouldn't do anyways (IE, use their device in the manner that they typically do).
 
macduke

macduke

macrumors G5
Jun 27, 2007
13,127
19,646
Dad: I need to google something real quick and make a call. I left my phone in the car

Me: *hands phone to dad*

Siri: You type like an old man. Scan your thumb to verify your identity.

Me: *scans thumb and hands back phone*

Siri: You made an unusual search for "golf clubs". Scan your thumb to verify your identity.

Me: *scans thumb again*

Siri: You pinch to zoom like a noob and your posture has changed. Scan your thumb to verify your identity.

Me: Dad, just go get your iPhone.

…later that day, alone at home with my iPhone…

Siri: Your typing is much improved. Scan your thumb to verify your identity.

----------------------

Being chased by a murderer…

Me: *dialing 911*

Siri: You're trembling and typing erratically. Scan your thumb to verify your identity.

Me: *scans thumb*

Siri: Your thumb placement was unusual and your thumb very moist. Please scan your thumb again to verify your identity.

/dead lol
 
L

ludalukeerb

macrumors newbie
Jul 5, 2011
23
0
UK
Am I the first to think of the criminal side of things to this...I.e. Criminal mastermind is arrested, his/her cronies can remotely force a wipe/kill the device therefore completely destroying any evidence a law enforcement agency could glean from the device? Given that all iPhones supposedly encrypt everything? Probably wrong but it seems that side of things have been possibly completely overlooked?
 
Bluestrike2

Bluestrike2

macrumors member
Nov 9, 2008
53
19
Pittsburgh, PA
Kilamite said:
How about Apple increases security by requiring more than just my passcode to view my saved password database? It's the same on OS X. I want to use a very long secure passphrase for it, but there's no way to do that with iCloud's keychain.



Then your pattern would be what the family does. If someone outside your family started using it and it was widely different to the pattern your family does, it'll flag up.
Click to expand...

I believe the solution is obvious: use a proper password to begin with :). A good passphrase will be sufficient while also being easier to remember. This ought to help:

http://world.std.com/~reinhold/diceware.html
 
K

kolax

macrumors G3
Mar 20, 2007
9,181
115
Bluestrike2 said:
I believe the solution is obvious: use a proper password to begin with :). A good passphrase will be sufficient while also being easier to remember.
Click to expand...

Don't think you understand..

I can't set my iCloud Keychain password. It's either my Mac's account password or my iPhone's unlock code. I want it to be a unique password on it's own, not something I use to approve application installations on my Mac.
 
Last edited:
NightFox

NightFox

macrumors 68040
May 10, 2005
3,238
4,479
Shropshire, UK
Kilamite said:
Then your pattern would be what the family does. If someone outside your family started using it and it was widely different to the pattern your family does, it'll flag up.
Click to expand...

I take your point but to be honest I think any behaviour is going to sit within the spectrum of 45 year old father undergoing midlife crisis and 9 year old loomband-obsessed daughter.
 
RichTF

RichTF

macrumors regular
Nov 11, 2007
217
526
London, UK
gotluck said:
Hah, knew this comment would be here.

Gotta love the double standard
Click to expand...

Not really a double standard, as the two companies have very different business models. Google makes its money off your personal profile. Apple makes its money off, well, your money.

Why is this so hard to understand? I trust Apple more with my personal details simply because they have no core business reason to abuse them. Google (and Facebook, etc.) do, and so I am more wary of what I give them. Perfectly rational.
 
K

kolax

macrumors G3
Mar 20, 2007
9,181
115
NightFox said:
I take your point but to be honest I think any behaviour is going to sit within the spectrum of 45 year old father undergoing midlife crisis and 9 year old loomband-obsessed daughter.
Click to expand...

Haha. I think this is more for iPhones than iPads, though Apple may finally give us user accounts on the iPad which would solve your query!
 
gotluck

gotluck

macrumors 603
Dec 8, 2011
5,712
1,204
East Central Florida
RichTF said:
Not really a double standard, as the two companies have very different business models. Google makes its money off your personal profile. Apple makes its money off, well, your money.

Why is this so hard to understand? I trust Apple more with my personal details simply because they have no core business reason to abuse them. Google (and Facebook, etc.) do, and so I am more wary of what I give them. Perfectly rational.
Click to expand...

Apple makes money off of both and so does google.

I buy products from and provide data to both companies. Both companies sell ads

Both deserve suspicion IMO
 
Last edited:
jonnysods

jonnysods

macrumors G3
Sep 20, 2006
8,424
6,887
There & Back Again
macduke said:
Dad: I need to google something real quick and make a call. I left my phone in the car

Me: *hands phone to dad*

Siri: You type like an old man. Scan your thumb to verify your identity.

Me: *scans thumb and hands back phone*

Siri: You made an unusual search for "golf clubs". Scan your thumb to verify your identity.

Me: *scans thumb again*

Siri: You pinch to zoom like a noob and your posture has changed. Scan your thumb to verify your identity.

Me: Dad, just go get your iPhone.

…later that day, alone at home with my iPhone…

Siri: Your typing is much improved. Scan your thumb to verify your identity.

----------------------

Being chased by a murderer…

Me: *dialing 911*

Siri: You're trembling and typing erratically. Scan your thumb to verify your identity.

Me: *scans thumb*

Siri: Your thumb placement was unusual and your thumb very moist. Please scan your thumb again to verify your identity.

/dead lol
Click to expand...

Post of the day!!! Made me lol
 
powerstrokin

powerstrokin

macrumors 6502a
May 18, 2013
696
1
Is there a "down vote" button hidden somewhere? I see a lot of posts here are in the negatives...
 
W

winston1236

macrumors 68000
Dec 13, 2010
1,902
319
ludalukeerb said:
Am I the first to think of the criminal side of things to this...I.e. Criminal mastermind is arrested, his/her cronies can remotely force a wipe/kill the device therefore completely destroying any evidence a law enforcement agency could glean from the device? Given that all iPhones supposedly encrypt everything? Probably wrong but it seems that side of things have been possibly completely overlooked?
Click to expand...

Personally I don't care if a "mastermind" has his phone wiped. My data belongs to me. Besides a real wipe takes hours and hours, the iphone probably just marks the data for deletion and never overwrites it so its all still there.
 
Glassed Silver

Glassed Silver

macrumors 68020
Mar 10, 2007
2,096
2,567
Kassel, Germany
Maybe Apple would finally take note that some people press icons before their slow fade-in animations end?
a) At some point after daily usage, you wouldn't even have to present the icons of my most used apps anymore, let me tap them when I know precisely where to tap. It adds practical lag to my UX. Ugh...
b) At least some animations shouldn't have to end before I can interact with the elements presented. Is it smart not to accept touches on links in Safari when ending a quick scroll by tapping and "holding" the website? Absolutely! Is it smart to ignore clear, long up swipes in the app switcher that happen when it's still finishing scrolling at super slow-mo that's barely noticeable? No, good Lord no!

/off topic

Glassed Silver:mac
 
rdlink

rdlink

macrumors 68040
Nov 10, 2007
3,226
2,435
Out of the Reach of the FBI
gotluck said:
Apple makes money off of both and so does google.

I buy products from and provide data to both companies. Both companies sell ads

Both deserve suspicion IMO
Click to expand...

Simply not true. Take Google's primary revenue generator, selling your profile away from them and they shut down in short order. Take that business segment away from Apple, and they continue to make boatloads of cash.

Also, compare what information a typical MDM software can see on an iOS device and an Android device. You will be amazed at the difference.
 
kdarling

kdarling

macrumors P6
Jun 9, 2007
17,373
5,924
First university coding class = 47 years ago
Without checking, it sounds like another patent that simply applies current technology to old methods.

For decades, spy agencies used such methods to detect when someone else took over a clandestine radio or forced a spy to do something against their will.
 
NightFox

NightFox

macrumors 68040
May 10, 2005
3,238
4,479
Shropshire, UK
powerstrokin said:
Is there a "down vote" button hidden somewhere? I see a lot of posts here are in the negatives...
Click to expand...

It seems to keep appearing and disappearing over the last few days, trouble is every time it appears at least one person seems to enjoy themselves just down-voting every post.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom