Secure short message service (SMS) communications

US 10,595,201 B2
Filed: 06/06/2019
Issued: 03/17/2020
Est. Priority Date: 06/06/2008
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a non-transitory memory; and

one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

receiving, by a cryptography application of a user device from a text messaging application of the user device, a request to encrypt a message for sending to a remote device;

applying, by the cryptography application, a message authentication code (MAC) function to a device identifier of the user device and a variable negotiated between the user device and the remote device;

generating, by the cryptography application, a MAC value based on the applying;

encrypting, by the cryptography application, the message using an encryption key generated based on at least one of the device identifier or the variable;

passing, by the cryptography application, the encrypted message and the MAC value to the text messaging application; and

causing the text messaging application to transmit the encrypted message along with the MAC value to the remote device over a network, wherein the MAC value enables at least one of the message or a user of the user device to be authenticated by the remote device based on the MAC value.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and computer program products for providing secure messaging communications are disclosed. For example, a computer-implemented method may include receiving an encrypted message and a key from a sender associated with a first computing device where the encrypted message is generated by the first computing device, verifying the received key at least in part based on a comparison with a pre-determined key, processing one or more unique factors associated with the sender in view of verifying the received key, decrypting the encrypted message, re-encrypting a result of the decrypting using a key of a receiver associated with a second computing device, and sending the re-encrypted result to the receiver associated with the second computing device.

31 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a non-transitory memory; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  receiving, by a cryptography application of a user device from a text messaging application of the user device, a request to encrypt a message for sending to a remote device;
  
  applying, by the cryptography application, a message authentication code (MAC) function to a device identifier of the user device and a variable negotiated between the user device and the remote device;
  
  generating, by the cryptography application, a MAC value based on the applying;
  
  encrypting, by the cryptography application, the message using an encryption key generated based on at least one of the device identifier or the variable;
  
  passing, by the cryptography application, the encrypted message and the MAC value to the text messaging application; and
  
  causing the text messaging application to transmit the encrypted message along with the MAC value to the remote device over a network, wherein the MAC value enables at least one of the message or a user of the user device to be authenticated by the remote device based on the MAC value.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the operations further comprise:
    - causing the text messaging application to prompt the user of the user device for a passcode;
      
      obtaining the passcode from the text messaging application; and
      
      authenticating the user for using the cryptography application based on the passcode, wherein the encrypting the message is in response to authenticating the user.
  - 3. The system of claim 2, wherein the encryption key is generated further based on the passcode.
  - 4. The system of claim 1, wherein the variable comprises at least one of a timestamp or a counter.
  - 5. The system of claim 1, wherein the message comprises financial transaction data.
  - 6. The system of claim 1, wherein the operations further comprise:
    - receiving, by the text messaging application, an input from the user;
      
      analyzing, by the text messaging application, the input;
      
      determining, by the text messaging application, that the input is associated with a financial transaction based on the analyzing; and
      
      transmitting, by the text messaging application to the cryptography application, the request to encrypt the message in response to determining that the input is associated with the financial transaction, wherein the message comprises the input.
  - 7. The system of claim 1, wherein the cryptography application and the text messaging application are connected via a physical secured link.

8. A method, comprising:
- receiving, by a cryptography application of a user device from a text messaging application of the user device, a request to encrypt a message for sending to a remote device;
  
  applying, by the cryptography application, a message authentication code (MAC) function to a device identifier of the user device and a variable agreed upon between the user device and the remote device;
  
  generating, by the cryptography application, a MAC value based on the applying;
  
  encrypting, by the cryptography application, the message using an encryption key;
  
  passing, by the cryptography application, the encrypted message and the MAC value to the text messaging application; and
  
  transmitting, by the user device, the encrypted message along with the MAC value to the remote device over a network.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein MAC value enables the remote device to authenticate at least one of the message or a sender of the message based on the MAC value.
  - 10. The method of claim 8, further comprising:
    - decrypting the encrypted message using the device identifier and the variable;
      
      determining a recipient of the message based on the decrypted message;
      
      re-encrypting the decrypted message using a device identifier associated with a second user device of the recipient; and
      
      transmitting the re-encrypted message to the second user device.
  - 11. The method of claim 8, wherein the device identifier comprises at least one of an international mobile equipment identity (IMEI) number, or an international mobile subscriber identity (IMSI) number.
  - 12. The method of claim 8, wherein the MAC function comprises at least one of a Rivest-Shamir-Adleman (RSA) algorithm or an Elliptic Curve Cryptography (ECC) algorithm.
  - 13. The method of claim 8, wherein the encrypted message and the MAC value are transmitted over the air via a short-message-system (SMS) communication chip of the user device.
  - 14. The method of claim 8, further comprising:
    - receiving, by the text messaging application, an input from a user;
      
      analyzing, by the text messaging application, the input;
      
      determining, by the text messaging application, that the input is associated with a financial transaction based on the analyzing; and
      
      transmitting, by the text messaging application to the cryptography application, the request to encrypt the message in response to determining that the input is associated with the financial transaction, wherein the message comprises the input.

15. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- receiving, by a cryptography component of the machine from a text messaging component of the machine, a request to encrypt a message for sending to a remote device;
  
  applying, by the cryptography component, a message authentication code (MAC) function to a device identifier of the machine and a variable negotiated between the machine and the remote device;
  
  generating, by the cryptography component, a MAC value based on the applying;
  
  encrypting, by the cryptography component, the message using an encryption key generated based on at least one of the device identifier or the variable;
  
  passing, by the cryptography component, the encrypted message and the MAC value to the text messaging component via a physical connection; and
  
  causing the text messaging component to transmit the encrypted message along with the MAC value to the remote device over a network.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory machine-readable medium of claim 15, wherein the cryptography component and the text messaging component are connected via a physical secured link within the machine.
  - 17. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise:
    - causing the text messaging component to prompt a user of the user device for a passcode;
      
      obtaining the passcode from the text messaging component; and
      
      authenticating the user based on the passcode, wherein the encrypting the message is in response to authenticating the user.
  - 18. The non-transitory machine-readable medium of claim 15, wherein the variable comprises at least one of a timestamp or a counter.
  - 19. The non-transitory machine-readable medium of claim 15, wherein the message comprises financial transaction data.
  - 20. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise:
    - receiving, by the text messaging component, an input by a user;
      
      analyzing, by the text messaging component, the input;
      
      determining, by the text messaging component, that the input is associated with a financial transaction based on the analyzing; and
      
      transmitting, by the text messaging component to the cryptography component, the request to encrypt the message in response to determining that the input is associated with the financial transaction, wherein the message comprises the input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Mardikar, Upendra
Primary Examiner(s)
Nguyen, Khai M

Application Number

US16/433,875
Publication Number

US 20200029215A1
Time in Patent Office

285 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 51/58   Message adaptation for wire...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/14   using a plurality of keys o...

H04L 9/302   involving the integer facto...

H04L 9/304   based on error correction c...

H04L 9/3242   involving keyed hash functi...

H04L 9/3249   using RSA or related signat...

H04L 9/3263   involving certificates, e.g...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/61   Time-dependent

H04W 12/71 : Hardware identity

H04W 12/72 : Subscriber identity

H04W 4/14 : Short messaging services, e...

View All

Secure short message service (SMS) communications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure short message service (SMS) communications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links