Apple looks to curb Web browser UI spoofing using real-time camera images

Source: USPTO

As Apple's iOS and Mac computing devices become more popular among mainstream consumers, the company has faced a number of security threats attempting to garnish sensitive user information. A new patent application discovered on Thursday addresses a specific type of Web-based attack called spoofing.

Apple's filing for a "Graphical user interface element incorporating real-time environment data" is an attempt to deal with nefarious code that can "spoof," or mimic, a Web browser's graphical user interface. In such cases, the malicious creator can redirect a user to another spoofed webpage, tricking them into giving up personal data, like usernames, passwords and credit card numbers.

To address the threat, Apple has devised a system which uses a device's various on-board sensors, including cameras, ambient light sensors and microphones, among others, to constantly update a browser's GUI — sometimes referred to as "chrome" — with real-time environment data.

According to the document, the incorporation of real-time video into a UI element provides added assurance that an interface is legitimate. In theory, as long as the content being provided to the content renderer does not have access to a device's on-board sensors, the chrome cannot be spoofed.

The application offers the example of a generic browser interface, as seen above, which displays forward and back buttons, a "Go To" bar and search bar. The elements are disposed in the chrome above an active webpage.

In this particular example, a device's front-facing camera is used to generate a real-time video feed. The chrome presents the image in background chrome. Said image can be blended in with the default background color or mirrored to create the illusion that the browser chrome is reflective.

In another embodiment, the camera image is not mirrored, creating the illusion of a transparent window.

If in doubt, the user can check, e.g., by moving the camera (which may entail moving the entire device if the camera is built into the device) or moving an object in the field of view of the camera (e.g., waving a hand).

In addition, data from other components like an ambient light sensor or microphone can be used to update the UI in real-time. For example, a chrome's background can be changed dynamically to reflect changes in surrounding light, or its color can be "pulsed" in time with an environment's sounds.

The remainder of the patent filing deals with alternative implementations of real-time environment data, including user-selectable chrome tweaks such as transparency, frame rate and blurring, among other choices. As seen below, a UI can also be presented to help make these changes, with a preview window showing available options in real-time.

It is not known whether Apple will implement the tech into future versions of its iOS or OS X machines, though malware is becoming a more legitimate threat to the company's ecosystem. One notorious malware called "Flashback" surfaced in 2011, targeting Macs by posing as an Adobe installer. After tricking users into installing, the nefarious program was built to connect to a remote server, with an end game of sending out payloads containing snooping software and other malicious code.

Still, for the proposed system to work efficiently, Apple must first ensure security in the apps it allows through the review process. In August, a research team from Georgia Tech managed to get a malicious app into the iOS App Store. Named "Jekyll," the program disguised itself as a news delivery program and, once installed, was able to post tweets, send email messages and direct mobile Safari to a malicious website.

Apple's real-time chrome updater security patent was first filed for in 2012 and credits Scott A. Grant as its inventor.