Computing devices (such as smart phones, laptop computers, desktop computers, server computers, mobile computers, tablet computers, digital music players, digital video players, and other such computing devices) may be capable of performing a variety of functions. Such functions may include executing applications such as web browsers, productivity software, games, playing media (such as images, audio, video, music, and other such media), electronic mail clients, and/or any other software application. In some cases, such functions may be performed in response to one or more instructions received from one or more users via one or more input/output devices.
In some cases, a computing device may be configured to require one or more credentials proving authorization for performing one or more functions, referred to as “secured functions.” Such configuration may be the result of default settings, user specified preferences stored by the computing device, use policies dictated by one or more enterprise servers when the computing device is used in an enterprise setting, and so on. For example, a secured function that may require credentials before performance may be providing a purchasing interface for purchasing digital content (such as image files, music or other audio files, video files, software applications, and other such digital content) for the computing device. When the computing device determines to provide the purchasing interface (such as in response to a user request for the purchasing interface), the computing device may require one or more credentials proving authorization before the computing device provides the purchasing interface. Such credentials may be provided by the user, may be stored by the computing device (such as in one or more cookies), and/or may be otherwise similarly provided before the computing device provides the purchasing interface.
For example, when a user requests the purchasing interface, the computing device may prompt the user for a password. The computing device may compare a password provided by the user with a stored password (such as by encrypting the user provided password with an encrypted version of the stored password) that is associated with an appropriate authorization to execute the purchasing interface. If the user provided password matches the stores password the computing device determines that the user is authorized to access the purchasing interface and provides the purchasing interface accordingly.
In general, computing devices do not require users to continuously provide passwords or other credentials constantly. Typically, a computing device obtains credentials proving authorization from a user to access the secured function for a period of time often referred to as the “grace period” (which may be ten seconds, one hour, until the computing device or the software application utilized to access the secured function restarts, or any other such period of time). Such a grace period is often utilized in order to avoid overburdening the user with authorization credential requests, because constant providing of authorization credentials such as passwords is not feasible, and other such reasons. Once the user has provided credentials proving authorization, it is often assumed that the user will continue to remain the user and thus continue to be authorized to utilize the secured function.
However, users may not retain control of a computing device during such a grace period. For example, a mother may enter her password on her smart phone in order to purchase one or more songs to use on the phone. She may then put her phone down and not pay attention, thus enabling her toddler to pick up the phone and play with it. In this case, the grace period may not have elapsed since the mother entered her password. As such, the toddler may inadvertently (simply by playing with the phone) purchase any number of songs for her mother's phone. Likely, the mother will neither want the songs nor want to pay for them. As such, though the smart phone required the mother to enter her password to purchase songs, the smart phone was still unable to prevent the unauthorized purchases.