Mobile phones are now sophisticated mobile computing systems. They can include multiple processors, memory, and various input/output devices. Mobile phones can have operating systems and can execute multiple applications, sometimes even concurrently. For example, “smart phones” are mobile phones that employ operating systems and applications designed by the assignee of the instant patent application.
Users can employ mobile phones to complete simple and complex tasks, including completing various online transactions. For example, mobile phones can be used to complete banking or other transactions. A user can employ a mobile phone to connect to a bank's computer (e.g., by using a browser on the mobile phone to connect to an Internet service offered by the bank) to transfer funds between accounts, pay bills, etc.
Smart phones may eventually even become electronic “wallets” that users use to authorize payments to vendors, such as by placing their phone proximate to a “reader” at a vendor's establishment. Upon purchasing an item, the user may place the mobile phone near the reader. The reader may read a signal from the mobile phone to authorize the transaction, such as by confirming an identifier in the mobile phone with a bank.
As the set of features a phone offers increases, so does its “attack surface.” An attack surface comprises the set of points that a malicious entity can employ to break into any security features that a mobile phone, its operating system, or applications provide. Examples of some of the points comprising an attack surface include application program interfaces (APIs) provided by the operating system or an application. A malicious entity can install a component such as an application, object, dynamic link library, or other component to intercede when an online transaction occurs, such as to surreptitiously record and re-transmit credit card numbers, authorize transactions without the user's awareness, and so forth. To do so, the component can interject input or output, such as by employing the operating system's API to detect and/or interject keystrokes.