What is a "Secure Message"?
A Secure Message is a Short Text Message that can be sent and received securely using PrivateGSM. Secure Messages share the same communication infrastructure of the Secure Voice communication to exchange data: provided used for secure voice. EVSS do not relay at all on Apple Push Notification or Google Cloud Messaging, in order to protect users' security:
- Server Authentication by SSL certificate.
- HTTPS and SIP over TLS protocols to exchange data in encrypted way.
You can read an overview of features and limitations at the bottom of this document, but for sake of brevity let's say that Secure Messages are text only, thus no attachments are provided. Also maximum Maximum length of a Secure Message is 160 characters.
How does a Secure Message work?
When a customer user chooses to send a Secure Message, it triggers an HTTP HTTPS POST request in his client towards PrivateServer which plays a "store-and-forward" role. As . If recipient is online, Secure Message is immediately delivered. Otherwise it is stored temporarily in PrivateServer up to 3 days before expiring: as soon as the receiver recipient pops up online, PrivateServer delivers the Secure Message.
| Info |
|---|
At current state of development, message encryption is granted on the server for the storing period by an internal key. Future development will implement asymmetric key encryption side-to-side (PGP like, actually)Security model provided is end-to-site: message are protected during transport from wiretapping by TLS. Local temporary storage is encrypted with server key. |
Delivery is performed by SIP over TLS protocol, so as you can see the whole end-to-end path is encrypted and as the message is stored after a local encryption on the server, then there's (almost) no way of deciphering it.
Send Secure Messages
It's possible to write Secure Messages to other parties both by answering them or by writing for your own initiative. In the first case you would probably use the "Contact's History " view, in the latter you would use the "Contacts" list insteadContact's details view instead.
| Note |
|---|
Since the "History" lists all the communication attempted or happened on your PrivateGSM, it's possible to start a conversation using "History" as well, eg: answering to a missed call by a Secure Message or just using one event conveniently. |
...
| Platform | "History" icon |
|---|---|
| Android |  |
| BlackBerry |  |
| iPhone |  |
Once you reached the global history view, you can get an overall look of the activities conversations (voice or messages) occurred on your PrivateGSM:
| Global History list on BlackBerry | Global History list on iPhone | Global History list on Android | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
Each item listed in "Global History" can be further detailed by selecting it and clicking on it.
...
groups together all activities with each contact, order by reverse chronological order. Select a contact in global history to have access to contact's history.
| Example of contact's history event on BlackBerry | example of detailed contact's history event on iPhone | example of detailed contact's history event on Android | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
|
...
As you can see in figure
| Xref | ||
|---|---|---|
|
| Xref | ||
|---|---|---|
|
| Xref | ||
|---|---|---|
|
...
| Info |
|---|
Please note that by convention, your outgoing communications are placed on the right side of the screen, as while the incoming ones by the chosen number contact are placed on the left of the screen. |
...
You can send your new message pressing the proper "Send" button in the User interface if you're on Android or iPhone, else on BlackBerry you just use the "Enter" key in your keyboard.
Sending Secure Messages from "
...
Contact's Detail"
As stated before, Secure Messages are also available from "Contacts" view which is probably the best way to start a conversation via text messages. Obviously first thing it to reach the contact you want to write to. Please refer to Performing a secure call with PrivateGSM.
...
Once you reached the specific number of your peer contact, then you can reach the history of communications between you and that number open his contact's history by pressing the "info" icon in Android and iPhone or just pressing the central button on the keyboard in BlackBerry (please check
, Xref AnchorName bb_central_button
and Xref AnchorName iphone_info_icon
).Xref AnchorName android_info_icon
...
| Info |
|---|
Please note that by convention your outgoing communications are placed on the right side of the screen, as while the incoming ones by the chosen number contact are placed on the left of the screen. |
...
As shown above each platform shows the event notification differently, according to the underlying operating system behaviour.
Secure Messages compared to SMSs
Secure Messages
...
provide a user experience very similar to SMS, adding security and with some minor differences. Some current constraints will be relaxed in next versions.
Secure Messages look just like clear text messages but they are not. Instead they are a sophisticated way for writing each other and their complex architecture implies some bounds:
...
- You cannot attach anything to a Secure Message: Secure Messages are actually text only. Binary Messages that could use attachments might come in next releases.
- Secure Message lenght length is fixed to a maximum of 160 characters. Nowadays there's no way to create longer messages. If you need to write more you have to split your text in more messages by yourself.
- Each Secure Message has a time validity, after which it expires. Expiration means that the Secure Message content is no longer readable and it's gone for good. Instead of message content you'd rather read "Message received" or "Message sent".
...
Each time you send a Secure Message you can see a status icon appear appearing on its side. Here follows an explanation of each icon along with its status name and meaning:
| Icon | Description | Meaning | Timeouts and general behaviour |
|---|---|---|---|
Sending Message | PrivateGSM is actually trying to send the Secure Message to its recipient via PrivateServer | If there is some network issue, then PrivateGSM starts the retry procedure: it tries to send 5 times the message to PrivateServer. If it fails at the fifth try (5 * TLSTimeout = 60 secs), then the message remains in the client queue waiting for one of the following triggers:
If more than 12 hours passed and the message is still in client queue waiting to be sent, then the message expires: a "Send error" notification is fired by PrivateGSM and the message is removed from sender local queue
| |
 | Message Enqueued | PrivateGSM was able to send the Secure Message which now is in the queue of PrivateServer encrypted. PrivateServer tries to deliver it to its destinationhas been enqueued in PrivateServer encrypted storage and will be delivered to recipient as soon as possible. | If delivery is not possible because the peer if offline, PrivateServer retries as soon as recipient registers for up to an expiration period (72h), before removing them definitely from the database. If the user is online but there is a network issue, the server try to deliver the message 5 times every 30 seconds. If at the fifth attempt the network issue is still present, the retry procedure will be stopped and the message will be sent when the user will return online. |
| Message Delivered | PrivateServer was able to deliver the Secure Message has been delivered to its recipient. The message could be read as recipient's device, who could have read it or not. | None | |
| Error sending Message | This status is a fall back for any other one and it's triggered both by timeouts and error responses. | None |