Embodiments of the invention are directed to systems and methods related to conducting secure message exchanges.
The Internet has made it increasingly easy for electronic interactions to be conducted between computing devices (e.g., mobile phones, tablet computers, etc.). However, it has also increased the risks of fraudulent interactions, as well as the risk of data being compromised. Thus, it can be difficult to be ascertain whether messages received from an unknown device are reliable.
To mitigate such uncertainty, some conventional systems use digital certificates in message exchanges. The digital certificates are issued by and verifiable by a certificate authority. Digital certificates can be used to verify that a person or device that is sending a message is what is who it says it is. In some other systems, message exchanges require that a token such as a password or secret be verified by between two devices before they can communicate. Knowledge of the password or secret by an unknown device can demonstrate to another device that the unknown device can be trusted.
While such conventional trust systems are effective, a number of improvements can be made. For example, two devices that are not directly connected and have not agreed to a common authentication or trust scheme may not interact with each other, despite the possibility that the message exchanges between such devices may have a legitimate and honest purpose. For instance, a car made by a car manufacturer may wish to communicate with a watch made by a watch manufacturer. These devices may have the ability to communicate with external devices, but the car and the watch may not have agreed to communicate according to a predetermined authentication and/or trust protocol. Thus, there is a need for improved techniques for assessing the reliability of devices so that they may communicate and/or interact with each other, despite the fact that they may not have prior knowledge of each other's trustworthiness.
Embodiments of the invention address these and other problems, individually and collectively.