1 MOBILE COMPUTING DEVICE SECURITY Field [0001] The present application relates to computing device security and, more particularly, to obtaining evidence of an unsuccessful attempt to login a computing device. Background [0002] As smartphones become more ubiquitous and powerful, an increasing number of people nowadays rely on smartphones for various reasons, including storage of sensitive information. Most smartphones are therefore secured with various means of user authentication, including passwords, passcodes (personal identification number, PIN), patterns and even biometric characteristics. Tablet devices and personal computers (e.g., notebook computers) may be similarly secured. [0003] However, some forms of user authentication provide weak protection against repeated login attempts. In the case of passwords, some users tend to secure their devices with easy-to guess passwords, which may include combinations of names and dates that are meaningful to the users (e.g., dates of birth). In the case of patterns, users may use patterns readily identifiable from fingerprint smudges on touchscreens or the like. [0004] Lockscreens are used with computing devices and are configured to block login attempts for a predetermined duration in response to a predetermined number of consecutive unsuccessful login attempts. This, however, can merely delay the eventual security breach. Furthermore, because some users are reluctant to change their passwords regularly, once an unauthorised person gains access to a device in the above manner, the unauthorised person will be able to repeatedly access the smartphone with ease without the owner of the device ever knowing about the security issue. Summary [0005] One object of the present invention is to substantially overcome or at least ameliorate one or more disadvantages of the prior art.
2 [0006] According to one aspect of the present disclosure, a mobile computing device comprising: a processor unit; and an image capture module, a touch screen unit, a data storage unit and a wireless network interface unit each operatively associated with the processor unit; the data storage unit storing login information and instructions for causing the processor unit to: receive, via the touch screen unit, an input to login to the computing device; compare the received input with the login information; in response to a comparison result indicative of an unsuccessful login attempt, capture, using the image capture module, image data corresponding to a user of the smartphone; and provide the image data for access by an authorised person by at least one of: storing the image data in the data storage unit; sending a multimedia messaging service (MMS) message including the image data via the wireless network interface unit; and sending an email including the image data via the wireless network interface unit. According to another aspect, there is provided A software application comprising instructions for causing a processor unit of a computing device to: in response to detecting an unsuccessful attempt to login the computing device, obtain, using an image capture module of the computing device, image data corresponding to a user of the computing device; and provide the obtained image data for access by an authorised person. [0007] According to another aspect, there is provided a software application comprising instructions for causing a processor unit of a mobile computing device to: in response to detection of an unsuccessful attempt to login the mobile computing device, capture, using an image capture module of the mobile computing device, image data corresponding to a user of the computing device; and provide the image data for access by an authorised person by at least one of: storing the image data in a data storage unit of the mobile computing device; sending a multimedia messaging service (MMS) message including the image data via a wireless network interface unit of the mobile computing device; and sending an email including the image data via the wireless network interface unit. [0008] According to yet another aspect, there is provided a computing device comprising: a processor unit; and an image capture module, a user interface unit and a data storage unit each operatively associated with the processor unit; the data storage unit storing login information and instructions for causing the processor unit to: receive, via the user interface unit, an input to login to the computing device; compare the received input with the login information; in response to a comparison result indicative of an unsuccessful login attempt, capture, using the 3 image capture module, image data corresponding to a user of the computing device; and provide the image data for access by an authorised person. [0009] According to yet another aspect, there is provided a software application comprising instructions for causing a processor unit of a computing device to: in response to detection of an unsuccessful attempt to login the computing device, capture, using an image capture module of the computing device, image data corresponding to a user of the computing device; and provide the image data for access by an authorised person. Brief Description of Drawings [0010] At least one embodiment of the present invention will now be described with reference to the drawings, in which: Figure 1 is a schematic block diagram showing a typical computing device in the exemplary form of a smartphone in operative association with a server device via a network; and Figure 2 is a flowchart showing steps of a preferred method of obtaining evidence of an unsuccessful attempt to login a computing device. Detailed Description [0011] Figure 1 shows a computing device 100 (e.g., a smartphone, a tablet device or a personal computer) operable to execute a software application including instructions to perform steps of a method 300, as shown in Figure 2, for obtaining evidence of an unsuccessful attempt to login the computing device 100 via an associated conventional login process 200. [0012] The computing device 100 includes a processor unit 101 (e.g., a central processing unit), an image capture module 102 (e.g., a camera), an audio pickup module 103 (e.g., a microphone), a user interface unit 104 (e.g., a keypad and display, or a touchscreen module), a data storage unit 105 (e.g., ROM and/or MicroSD) and a network interface unit 106 (e.g., cellular, WiFi and/or Bluetooth). Depending on implementation of the computing device 100, the network interface unit 106 may also include a wired network interface. The computing device 100 may include other components according to need. In a typical configuration, the data storage unit 105 4 stores instructions for executing the conventional login process 200 and login information associated therewith, together with instructions for performing the method 300. [0013] The conventional login process 200 is traditionally found on smartphones, tablets and notebook computing devices, and typically includes steps 201 to 205. The login information associated with the conventional login process 200 is selected from, for example, a password, a passcode, a pattern, a PIN, biometric data, or combinations thereof. [0014] In a first exemplary implementation, the computing device 100 takes the form of a smartphone, the user interface unit 104 thereof includes a touchscreen module for user input of commands, the image capture module 102 thereof includes a front-facing camera module, and the login information includes the exemplary passcode of "4321". Further, the conventional login process 200 typically operates in concert with a graphical user interface (GUI) through which user input of commands can be received by the processor unit 101. [0015] In step 201, the processor unit 101 receives, via the touchscreen module 104 through the GUI, a user input of a passcode attempt for unlocking a lockscreen (not shown) of the smartphone 100, and proceeds to step 202. For example, the passcode inputted by the user is "1234". [0016] In step 202, the processor unit 101 compares the received user input ("1234") with the login information ("4321") in the data storage unit 105, and proceeds to step 203. [0017] In step 203, the processor unit 101 determines whether access to the computing device 100 is to be granted based on a result of comparison. The process 200 proceeds to step 205 to grant the access if the result is indicative of the input corresponding to the login information. The process 200 proceeds to step 204 to indicate a login failure and subsequently returns to step 201 for a further login attempt if otherwise. The indication of login failure can take the form of at least one of visual, audible and vibrational indications. [0018] The method 300 includes steps 301 and 302, which are marked by the dashed box in Figure 2. The method 300 is exemplified as being performed by the processor unit 101 in response to detection of an unsuccessful attempt to login the computing device 100 (i.e., login failure), more particularly in response to the processor unit 101 determining in step 203 that the result of comparison is indicative of the input not corresponding to the login information. In 5 practice, step 301 can be performed before, after or concurrently with the indication of login failure in step 204. Alternatively, the method 300 may also be arranged such that step 204 is performed after step 301 and before step 302. [0019] In step 301, the processor unit 101 captures (or causes the capture) of image data using the front-facing camera module 102, the image data representing at least one image corresponding to a user of the smartphone. For most smartphones, because their front-facing cameras are arranged to capture images of faces of their users when the smartphones are held in a normal handheld viewing position, the image thus obtained by the processor unit 101 enables identification of the user, which in this case is the user who entered unsuccessful login credential. Such image data can also be associated with corresponding audio data captured using the microphone 103. [0020] Next, the processor unit 101 proceeds from step 301 to step 302, where the processor unit 101 provides the image data (and/or the audio data) for access by an authorised person (e.g., an owner of the smartphone 100, an authorised colleague or spouse). In one arrangement, the processor 101 stores such evidentiary data in the data storage unit 105 for access by the authorised person upon successful login. In another arrangement, the processor unit 101 sends a multimedia messaging service (MMS) message including such evidentiary data via the network interface unit 106 through a network 120 (e.g., the Internet) to a server device 140 or another smartphone for access by the authorised person. In yet another arrangement, the processor unit 101 sends an email including the image data via the network interface unit 106 through the network 120 to the server device 140 for access by the authorised person, for example, via another computing device. Depending on configuration, more than one of these exemplary arrangements can be performed in step 302. The data transmitted to the server device 140 can be accessed by the authorised person using the computing device 100 or another such device. [0021] It can be appreciated from the above disclosure that the processor unit 101 can be configured to provide in step 302 such evidentiary data via the network interface unit 106 through the network 120 to any predetermined network location or address (e.g., a uniform resource location, URL) accessible by any authorised person. [0022] The software application 300 is exemplified in Figure 1 as being stored in the data storage unit 105. However, the software application can be otherwise stored, depending on 6 implementation. The software application 300 can be downloaded from, for example, an online software store for enhancing security of the conventional login process 200, where the software application includes instructions corresponding to steps 301 and 302. In an alternative implementation where the software application is in the form of a system component serving to provide an entire login interface, the software application includes the entirety of Figure 2. Configuration of the software application is not limited to such. [0023] In a further implementation, the processor unit 101 records only audio using the audio pickup module 103. [0024] Where desired, the image and/or audio data thus obtained can be protected by way of, for example, encryption to prevent access (e.g., deletion) by an unauthorised person upon successful login. [0025] Further, where the computing device 100 includes other sensors whose data are suitable for identification of users of the computing device 100, method 300 may be such that, in steps 304 and 305, the processor unit 101 obtains sensor data from such sensors for access by the authorised person in the abovementioned manner. [0026] In summary, the image and/or audio data are made available to the owner of the computing device (or an authorised person), whether on the computing device or another such device, to facilitate identification of a person who made an unsuccessful attempt to access the device, enabling the owner (or the authorised person) to respond accordingly and timely to any unauthorised access attempt. [0027] It should be noted that the present invention is not limited to what has been particularly shown and described hereinabove. A variety of modifications and variations are possible in light of the above disclosure without departing from the scope and spirit of the invention, which is limited only by the following claims.