Mobile application secure data exchange
First Claim
Patent Images
1. A computer-implemented method comprising:
- generating a message for delivery to a mobile communications device;
encrypting the message and storing the message on a remote server by passing the message through a plurality of security zones that facilitate the performance of separate duties;
providing a notification to the mobile communications device via an unsecure notification modality, the notification indicating the availability of the encrypted message on the remote server and comprising a file location identifier;
receiving user-generated input on the mobile communications device from a recipient selecting the file location identifier;
retrieving, by the mobile communications device, the encrypted message using a file location identifier from the remote server;
and decrypting and rendering the message on the mobile communications device;
wherein the message is generated on a second mobile communications device by a sender, the second mobile communications device automatically deleting the message after it has been passed through the plurality of security zones and stored on the remote server;
wherein the security zones comprise;
an outermost security zone providing unsecured data exchange, a first security zone in which application workers validate sender credentials and message format, a second security zone that receives data validated in the first zone, the validated data being archived or sent to the mobile communications device, a third security zone that receives data from the second security zone to be sent to the mobile communications device, such data being encrypted in the third security zone, and a fourth security zone that receives data from the second security zone that is to be archived and data from the third security zone to decrypt, the fourth security zone providing a highest level of security as compared to the other security zones.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques are described for secure data exchange using a mobile application on a mobile communications device. Such data exchange can be used in a variety of industries including healthcare and finance. Related apparatus, systems, techniques and articles are also described.
21 Citations
17 Claims
-
1. A computer-implemented method comprising:
-
generating a message for delivery to a mobile communications device;
encrypting the message and storing the message on a remote server by passing the message through a plurality of security zones that facilitate the performance of separate duties;providing a notification to the mobile communications device via an unsecure notification modality, the notification indicating the availability of the encrypted message on the remote server and comprising a file location identifier; receiving user-generated input on the mobile communications device from a recipient selecting the file location identifier;
retrieving, by the mobile communications device, the encrypted message using a file location identifier from the remote server;and decrypting and rendering the message on the mobile communications device;
wherein the message is generated on a second mobile communications device by a sender, the second mobile communications device automatically deleting the message after it has been passed through the plurality of security zones and stored on the remote server;wherein the security zones comprise;
an outermost security zone providing unsecured data exchange, a first security zone in which application workers validate sender credentials and message format, a second security zone that receives data validated in the first zone, the validated data being archived or sent to the mobile communications device, a third security zone that receives data from the second security zone to be sent to the mobile communications device, such data being encrypted in the third security zone, and a fourth security zone that receives data from the second security zone that is to be archived and data from the third security zone to decrypt, the fourth security zone providing a highest level of security as compared to the other security zones. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An article of manufacture comprising:
- computer executable instructions stored on non-transitory computer readable media, which, when executed by at least one data processor, causes the at least one data processor to perform operations comprising;
generating a message for delivery to a mobile communications device;
encrypting the message and storing the message on a remote server by passing the message through a plurality of security zones that facilitate the performance of separate duties;
providing a notification to the mobile communications device via an unsecure notification modality, the notification indicating the availability of the encrypted message on the remote server and comprising a file location identifier;
receiving user-generated input on the mobile communications device from a recipient selecting the file location identifier;
retrieving, by the mobile communications device, the encrypted message using the file location identifier from the remote server; and
decrypting and rendering the message on the mobile communications device;
wherein the message is generated on a second mobile communications device by a sender, the second mobile communications device automatically deleting the message after it has been passed through the plurality of security zones stored on the remote server;wherein the security zones comprise;
an outermost security zone providing unsecured data exchange, a first security zone in which application workers validate sender credentials and message format, a second security zone that receives data validated in the first zone, the validated data being archived or sent to the mobile communications device, a third security zone that receives data from the second security zone to be sent to the mobile communications device, such data being encrypted in the third security zone, and a fourth security zone that receives data from the second security zone that is to be archived and data from the third security zone to decrypt, the fourth security zone providing a highest level of security as compared to the other security zones. - View Dependent Claims (13, 14, 15, 16)
- computer executable instructions stored on non-transitory computer readable media, which, when executed by at least one data processor, causes the at least one data processor to perform operations comprising;
-
17. A system comprising:
- at least one data processor;
memory storing instructions which, when executed by the at least one data processor, causes the at least one data processor to perform operations comprising;
generating a message for delivery to a mobile communications device;
encrypting the message and storing the message on a remote server;
providing a notification to the mobile communications device via an unsecure notification modality, the notification indicating the availability of the encrypted message on the remote server and comprising a file location identifier;
receiving user-generated input on the mobile communications device from a recipient selecting the file location identifier;
retrieving, by the mobile communications device, the encrypted message using the file location identifier from the remote server; and
decrypting and rendering the message on the mobile communications device;
wherein the message is generated on a second mobile communications device by a sender, the second mobile communications device automatically deleting the message after it has been passed through the plurality of security zones stored on the remote server;
wherein data used to generate and retrieve the message passes through each of a plurality of security zones that facilitate the performance of separate duties comprising;
an outermost security zone providing unsecured data exchange, a first security zone in which application workers validate sender credentials and message format, a second security zone that receives data validated in the first zone, the validated data being archived or sent to the mobile communications device, a third security zone that receives data from the second security zone to be sent to the mobile communications device, such data being encrypted in the third security zone, and a fourth security zone that receives data from the second security zone that is to be archived and data from the third security zone to decrypt, the fourth security zone providing a highest level of security as compared to the other security zones.
- at least one data processor;
Specification