The performance of certain types of actions can have serious consequences. For such actions, it may be desirable to have two or more authorized parties confirm the action before the action is permitted. In other instances, situations may arise in which the possessor, location, or condition of a mobile device may be in doubt. For such situations, it may be desirable to require that two or more authorized parties confirm the action or that access to the device is to be granted. And, in such situations, it should be the actual authorized parties that confirm the action. Thus, it is desirable to authenticate the parties.
An example of a representative action is the triggering of a kill switch on a computing device. Such an action becomes especially serious when the action may have the potential to inadvertently (or maliciously) disable many hundreds, thousands, or even millions of devices. For example, if there is the ability to disable a device, and that functionality is controlled by a controller, and that one controller manages, for example, all the devices in the United States of America, that presents a very large and attractive target for terrorists.
It can also be of concern to have a single controller that has privilege over a large number of devices—especially if that privilege extends to physically disabling device hardware. Many enterprises have this ability. It would be useful to have a system that could prevent the inadvertent or malicious rendering of large numbers of computing devices physically inoperable.
Regarding access to the device, it is arguable that a user would notice the loss of a mobile device, such as a cell phone, before they notice the loss of their wallet or purse. But simply noticing that a mobile device is missing does not guarantee that the proper user will recover the mobile device. At best, the loss of the mobile device will be inconvenient, particularly now that mobile devices are so much more than communication devices. At worst, the loss of the mobile device can result in expenses ranging from replacing the device itself, to expenses incurred through the actions of whatever party obtained the mobile device. Strangely, even though the consequences of losing a mobile device are well-known, many users do not avail themselves of even the first line of security—a password that locks the device. Furthermore, there are situations where after a device is lost or stolen, it may be uncertain that the next possessor or attempted user of the device is actually a proper user of the device. In such situations, it would be useful to have a method for preventing the use of the device until it can be verified that the attempted user of the device is a proper user of the device.