Secure short message service (SMS) communications

US 9,537,839 B2
Filed: 05/12/2015
Issued: 01/03/2017
Est. Priority Date: 06/06/2008
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a receiver configured to receive encrypted text messaging data and a key from a sender associated with a first client device that is remote from the system, wherein the first client device encrypts the text messaging data using a three-factor authentication, wherein a first factor comprises information associated with the sender of the first client device including an identifier comprising a password or a PIN, a second factor comprises information associated with the first client device itself, and a third factor comprises biometric information, and wherein the first client device sends the encrypted text messaging data via a text messaging interface of the first client device to the receiver; and

a processor operatively connected to the receiver, the processor configured to;

compare the received key with a pre-determined key to verify the received key;

once the received key is verified, use the three factor authentication to process one or more unique factors associated with the sender or the first client device, wherein the one more unique factors are known by the system;

decrypt the text messaging data and re-encrypt the text messaging data using a key of a receiver associated with a second client device; and

send the re-encrypted text messaging data to the receiver associated with the second client device, wherein the second client device decrypts the text messaging data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments provide secure messaging communications. In an embodiment, a method comprises receiving, by a service provider processor, an encrypted message and a key from a sender associated with a first client device that is remote from the service provider, wherein the first client device internally encrypts the message. The message also comprises verifying the received key based on at least a comparison with a pre-determined key. Once the received key is verified, the method also comprises processing one or more unique factors associated with the sender or the first client device, wherein the one or more unique factors are known by the service provider. The method further comprises decrypting the message and re-encrypting the message using a key of a receiver associated with a second client device; and sending the re-encrypted message to the receiver associated with the second client device, wherein the second client device decrypts the message.

27 Citations

View as Search Results

20 Claims

1. A system comprising:
- a receiver configured to receive encrypted text messaging data and a key from a sender associated with a first client device that is remote from the system, wherein the first client device encrypts the text messaging data using a three-factor authentication, wherein a first factor comprises information associated with the sender of the first client device including an identifier comprising a password or a PIN, a second factor comprises information associated with the first client device itself, and a third factor comprises biometric information, and wherein the first client device sends the encrypted text messaging data via a text messaging interface of the first client device to the receiver; and
  
  a processor operatively connected to the receiver, the processor configured to;
  
  compare the received key with a pre-determined key to verify the received key;
  
  once the received key is verified, use the three factor authentication to process one or more unique factors associated with the sender or the first client device, wherein the one more unique factors are known by the system;
  
  decrypt the text messaging data and re-encrypt the text messaging data using a key of a receiver associated with a second client device; and
  
  send the re-encrypted text messaging data to the receiver associated with the second client device, wherein the second client device decrypts the text messaging data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The system of claim 1, wherein the text messaging data further comprises Short Message Service (SMS) communications data.
  - 3. The system of claim 1, wherein the receiver is configured to receive the encrypted text messaging data from the text messaging interface of the first client device via a Mobile Network Operator over a network.
  - 4. The system of claim 1, wherein the second factor further comprises an identification number including an IMEI number, an IMSI number or an SE number.
  - 5. The system of claim 1, wherein the third factor further comprises fingerprint or retinal pattern information.
  - 6. The system of claim 1, wherein the processor is further configured to:
    - re-encrypt the text messaging data using the key of the receiver associated with the second client device with hardware key generation or Hardware Security Modules (HSMs).
  - 7. The system of claim 1, wherein the processor is further configured to:
    - send the re-encrypted text messaging data to the receiver associated with the second client device over a network via a Mobile Network Operator.
  - 8. The system of claim 1, wherein the processor is further configured to:
    - receive registration information over a network from the sender associated with the first client device and the receiver associated with the second client device, wherein the registration information further comprises user account information.
  - 9. The system of claim 8, wherein the processor is further configured to:
    - store the user account information, which comprises a specific user identifier that is used to identify a particular sender or receiver.
  - 10. The system of claim 1, wherein the first client device or the second client device is personalized during customization by an operator, a customizer or a device manufacturer.
  - 11. The system of claim 1, wherein the processor is further configured to:
    - work with a Mobile Network Operator to put a certificate issued by the system in a component of the first client device and the second client device.
  - 12. The system of claim 11, wherein the certificate further comprises a X509 certificate.
  - 13. The system of claim 11, wherein the processor is further configured to:
    - maintain signature information associated with the certificate for each one of the first client device and the second client device;
      
      in response to an indication of a transaction being done via the system with the first client device using text messaging data, receiving signature information associated with the certificate of the first client device.
  - 14. The system of claim 13, wherein the signature information further comprises a digital signature including at least one of a time stamp, a dollar amount, a transaction type, an item or a location.
  - 15. The system of claim 14, wherein the location is determined from a GPS enabled client device.
  - 16. The system of claim 13, wherein the signature information is pre-loaded in the first client device or the second client device as EMV (Europay, MasterCard, Visa), or ECC, in addition to the certificate.
  - 17. The system of claim 1 further comprising a payment service provider server.

18. A method comprising:
- receiving, electronically by a processor of a service provider, an encrypted SMS message and a key from a sender associated with a first client device that is remote from the service provider, wherein the first client device internally encrypts the SMS message;
  
  verifying, electronically by the processor, the received key based on at least a comparison with a pre-determined key;
  
  once the received key is verified, processing one or more unique factors associated with the sender or the first client device, wherein the one more unique factors are known by the service provider;
  
  decrypting, electronically by the processor, the SMS message and re-encrypting the SMS message using a key of a receiver associated with a second client device; and
  
  sending the re-encrypted SMS message to the receiver associated with the second client device, wherein the second client device decrypts the SMS message.
- View Dependent Claims (19)
- - 19. The method of claim 18, further comprising:
    - using a three-factor authentication for exchanging the SMS message, wherein a first factor comprises what the sender associated with the first client device knows including a password or a PIN, a second factor comprises what the sender has including a token or the first client device itself, and the third factor comprises what the sender is, including biometric information.

20. A non-transitory computer readable medium on which are stored computer readable instructions and, when executed by a processor, cause the processor to:
- receive encrypted text message data and a key from a sender associated with a first client device, wherein the first client device encrypts the text message data;
  
  compare the received key with a pre-determined key to verify the received key;
  
  once the received key is verified, process a unique identifier associated with the sender or the first client device, wherein the unique identifier is known by the processor;
  
  decrypt the text message data and re-encrypt the text message data using a key of a receiver associated with a second client device; and
  
  send the re-encrypted text message data to the receiver associated with the second client device, wherein the second client device decrypts the text message data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Mardikar, Upendra
Primary Examiner(s)
Nguyen, Khai M

Application Number

US14/710,436
Publication Number

US 20150281191A1
Time in Patent Office

602 Days
Field of Search

455/411, 455/466, 455/410, 455/407, 455/419, 455/435.1, 713/176, 713/171, 713/161, 380/247, 380/249, 380/270, 380/278
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 51/58   Message adaptation for wire...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/14   using a plurality of keys o...

H04L 9/302   involving the integer facto...

H04L 9/304   based on error correction c...

H04L 9/3242   involving keyed hash functi...

H04L 9/3249   using RSA or related signat...

H04L 9/3263   involving certificates, e.g...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/61   Time-dependent

H04W 12/71 : Hardware identity

H04W 12/72 : Subscriber identity

H04W 4/14 : Short messaging services, e...

View All

Secure short message service (SMS) communications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Secure short message service (SMS) communications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others