Secure SMS tech could see bank PINs sent via text

New encryption technology could make text messages so secure that new bank card PINs could be sent as an SMS, reports.

Serbian company Infobip has created the Secure Smart Messaging Service (SSMS), which has already passed the rigorous PCI DSS standards for that payment card industry.

The system works by encrypting everything from the corporate server, meaning that no-one at the company can read the messages which are sent. Once it leaves the mobile network SMSC, standard mobile encryption is relied upon to deliver the message securely. Whilst this final point of the journey isn’t as secure, developers have argued that it’s no less secure than sending such sensitive data through the postal system.

It is thought such a scheme could be widely used for two-step authentication processes, such as those when a person has been sent a new bank card and will then receive their PIN separately, notes. For this, banks could simply text the account holder their PIN after a card was sent via post.

A user would then be advised to delete the text message from their phone once read and understood as it could then prove to be a threat if left alone. Additional systems such as those used by Snapchat, however, could be advantageous. This uses a self-destruct style of system whereby messages are terminated automatically after a certain time has elapsed since opening.