Field
The technology disclosed relates to secure exchange of data between mobile devices. In particular, pairwise cryptographic connections are automatically established between first and other mobile devices. Independently generated distinctive visual traits for display on a pair devices are based on a unique characteristic of a particular pairwise cryptographic connection. The independently generated distinctive visual traits allow a user to verify which two devices will exchange information, upon acceptance of a match between respective visual traits.
Introduction
The exchange of private data between mobile devices, such as contact info, has been an ongoing problem for mobile device users now for many years. There have been many attempts to solve this problem, trying to find the appropriate balance between ease of use, security, and general social acceptance. However, there still remains a need for a more robust method for quickly and easily connecting two physical devices, without the dependence on a server or any other intermediary service, so that data can be transferred only when intended and only to the intended recipient.
In the early years of mobile devices, such as Apple Newton and Palm Pilot, the use of infrared beaming proved to be popular and very functional. However, it was sometimes challenging for the users to align their devices such that the infrared sensors were perfectly facing each other.
In recent years infrared communication has lost favor, and the latest generation of mobile devices have relied instead on various wireless communication modes such as WIFI, Bluetooth, and NFC for the exchange of private data between mobile devices. Some commercially available solutions are Android Beam, Samsung S-Beam, Apple AirDrop and Bump.
Android Beam uses NFC, a point-to-point radio technology, to easily and securely transfer data between two devices that have to be held right next to each other in a very specific, back-to-back orientation. The caveats to this solution are that NFC is only available in a limited set of mobile devices (not available on iPhones), and it requires users to hold their devices in a very specific orientation with the devices essentially touching each other. This can be physical awkward to accomplish for novice users.
Samsung's S-Beam solution uses NFC to first establish a secure connection between two devices, and then switches over to using WIFI Direct for the actual data transfer between devices. The benefit over Android Beam is that data transfer is much faster over WIFI Direct than NFC. This solution requires newer mobile devices that support WIFI Direct, and still suffers from the same caveats noted for Android Beam.
Apple has recently provided a solution called AirDrop that is similar to Samsung's S-Beam. With AirDrop, two devices discover the presence of each other using either Bluetooth LE (a wireless PAN) or Bonjour over a local WIFI network. After the presence of other nearby mobile devices has been discovered, users are required to select the mobile device of the intended recipient from a list. Data transfer proceeds afterwards, using either the local WIFI network or with WIFI Direct if a local WIFI network is unavailable.
The benefit to AirDrop is that it does not require a user to hold their mobile device in a potentially awkward orientation. However, the caveat is that a mobile device user is now required to select the intended recipient from a list of other possible nearby recipients before they can proceed. And if the data transfer is bi-directional, as in the case of two mobile device users exchanging contact info, both mobile device users are required to identify and select the correct intended recipient from their respective lists.
Bump is a creative yet complex solution that requires Internet access, GPS, and an intermediary service, to easily and securely connect two mobile devices in preparation for data exchange. Two mobile users simply “bump” their two mobile devices against each other to initiate data transfer. With the event detected by onboard accelerometers, the current GPS geolocation and time are sent to a server from both mobile devices. The server, by matching received “bump” events by geolocation and time, is able to validate data exchange between two devices acting as a trusted intermediary. This solution is quick and easy for users to comprehend, but has numerous caveats. First of all, bumping of devices is a physically awkward task with each user not really sure how hard to bump, and how hard the other user is going to bump. Bump too hard, and one user may lose their grip of their mobile device. Bump too softly, and the “bump” event is not recognized. This solution is also very dependent on a complex set of services: a good GPS signal which is sometimes difficult to obtain indoors, access to the Internet, and access to the trusted intermediary online service.
There remains an opportunity to introduce a solution that is so simple that it does not break the flow of conversation between people. New technology could address issues such as solutions that require too many steps, require multiple attempts, or require a cognitive shift by requiring data input or device selection.