| CPC H04L 63/0846 (2013.01) [H04L 63/0853 (2013.01)] | 20 Claims |
|
1. A computer-implemented method for securing authentication procedures, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
monitoring, by a third-party security application, to detect reception of a second factor authentication token as an input to complete a second factor authentication procedure in connection with a second application that is independent from the third-party security application;
verifying, by the third-party security application, whether or not the second factor authentication token was transmitted by a valid server in coordination with the second application as part of an authentic version of the second factor authentication procedure; and
performing a security action to protect a user account based on a result of verifying whether or not the second factor authentication token was transmitted by the valid server in coordination with the second application as part of the authentic version of the second factor authentication procedure, wherein, upon verifying that the second factor authentication token was not transmitted by the valid server, performing the security action comprises:
accessing an accessibility service provided by an operating system environment on the computing device to identify the second application; and
blocking a user input from being received by the second application by intercepting an accessibility event and preventing the accessibility event from being relayed to the second application.
|