1. The Field of the Invention
The present invention relates to secure communications and/or communication technologies that allow people to interact and transact with individuals and/or organizations. In particular, the present invention relates to systems and methods for forming a trusted network while providing various security, scalability, interaction, user interface elements and trackability features for communications and/or transactions occurring in association with the trusted network.
2. The Relevant Technology
The digital age has revolutionized the way that people communicate with each other—both for personal communications and business communications. For some people, email is the preferred method of communication and has replaced other forms of communication such as in person meetings, telephonic conversations, standard post, facscimile, and the like. However, despite the obvious convenience and cost advantage of sending information electronically, many individuals and organizations are still unable to use email due to structural weaknesses and vulnerabilities found in the underlying technology: SMTP. SMTP (Simple Mail Transfer Protocol) was designed in 1982 as a simple communication protocol to facilitate the transfer of messages from one machine on a network to a user on another machine. SMTP was developed in a trust-based environment and came to light long before eCommerce, online banking, healthcare, and legal industries presented new, more stringent requirements as to how information should be sent. Although security remains one of the primary concerns and reasons that individuals and organizations are unable to use SMTP-based email, there are other issues including a lack of functionality and an inability to compose, transport and display complex sets of information that go beyond simple text.
SMTP, specifically, lacks a basic facility to authenticate senders and recipients on the network and permits users to construct messages fraudulently and masquerade as other individuals or organizations. The underlying network construct and protocol do nothing to prevent this and instead rely on the recipient to wade through all incoming messages to determine which are legitimate and which are not.
Spam, or unsolicited email has risen significantly in occurrence over the past decade and, by some accounts, accounts for more than 90% of all email traffic. SMTP was built to ensure delivery of a message, not prevent messages from being sent. As a result, there is no provision within the SMTP protocol to examine messages at the point of entry into the network, only to filter what is received on the other end. This places a huge cost and administrative burden on the recipient to have the bandwidth, hardware, software and time to manage it all.
Thus, it would be advantageous to assure a sender that a communication will get to its intended destination in its original form and, conversely, assure a recipient that a communication is coming from a trusted person or source. SMTP has no provisions to guarantee the origin on the message and who sent it. SMTP is unable to determine the sender type. It would be advantageous to notify a recipient whether the message originated from a known and institution or individual.
SMTP also has no provisions to determine the type of message traveling through a server. This is an important functional shortcoming in that many recipients would like to receive certain types of information from an individual or organization, but not others. For example, users may want to receive a bank statement, but not promotional material from a bank.
In addition, SMTP is a simple, text-based protocol. If the sender includes any additional content other than text in the SMTP message, the additional content (such as binary data, audio, video, etc.) must be munged (attached) to the SMTP message body via Multipurpose Internet Mail Extensions (MIME). This approach to dealing with binary data requires that the content or application be handed off to the operating system and/or a “helper” application. This redirection outside of the email environment is a key attribute to modern Phishing attacks (email fraud attacks) where users are asked to click on a link embedded in an email message and are redirected to a fraudulent website. Further, the additional content is always related to the SMTP message body, which makes it difficult to file, sort, and organize the additional content for both the sender and the recipient.
Furthermore, communication systems across organizations are tied to the email address paradigm in which the DNS naming system has conventionally been used to direct messages from a sender to a recipient. Thus, if a person does not know a person's email address, it is difficult to contact that person through electronic means. In addition, even if a person has an email address, it is difficult to keep this information updated and current. Often a person trying to contact another person is informed by a webmaster or server that the recipient's email address is no longer functional, but is given no other information on how to contact that recipient. It would be desirable to have the ability to contact individuals and organizations electronically without total reliance on email addresses for that information.
Another aspect of inflexibility is the inability of a sender or recipient to define where and how messages are stored. With SMTP-based email, messages simply arrive in a given user's inbox. When the sender transmits large files, it is difficult for the recipient to retrieve important messages when a large attachment is ahead of these messages in download order. Also, the current email paradigm generally prevents users from having adequate storage space which means that certain messages are likely to be returned as undeliverable. For example, if a sender is sending a large file (5 MB) to a recipient, the sender may not want to commit the recipients to storing such a large file in the recipient mailbox.
SMTP is also highly inefficient sending messages and attachments to multiple recipients. For example, when a sender creates and sends a 5K message and 5 MB attachment to 10 unique recipients, that message is replicated 10 times and will be sent out to each recipient. This results in 50K of bandwidth and storage for the message body and 50 MB for the attachment.
Given the inefficiencies mentioned above, there is a need to reduce the sheer amount of information being sent out in an effort to reduce hardware, software and bandwidth requirements. When having to send an SMTP message to potentially millions of individuals, the organization must be equipped to handle the bandwidth required to accomplish this. In addition, network activities which require individuals to access the organization can cause bandwidth problems at peak high usage times, etc. It would be an advantageous to send only a minimum amount of information.
Although solutions exist today to provide some level of control over email sent within an organization's boundary, SMTP cannot provide any sort of control over each message once it has left the organization. For example, the organization does not have control over who has access to a message or its attachments, where copies are stored, who is forwarding the communication, preventing alteration of the communication, retracting the communication, etc. It would be advantageous to provide organizations with the ability to maintain control over aspects of messaging that occur once the communication leaves the organizational boundary.
There are many inefficiencies with regard to how SMTP routes message traffic, and deliverability in general, which would be advantageous to resolve. For example, there is no provision within SMTP to provide delivery notification back to the sender. Additionally, should a machine be offline and be unable to process inbound email traffic as expected, emails may queue up for an inordinate amount of time and no timely notification will be sent to either the recipient or the sender. There is also no concept within SMTP of being able to get a message back once it has left the organizational boundary. SMTP operates on a system of “fire and forget.” It would be advantageous to be able to retrieve messages and/or perform verifications, approvals, or other analysis on a message and/or recipients of a message determine whether it the message should be sent into the network.
SMTP is one-dimensional as an electronic communication technology. SMTP cannot distinguish between a message that is high-priority and one that is of a lower priority. They are all treated the same. It would be advantageous to route important or priority messages differently, according to the priority or importance of the message, depending on the desires of the sender or the recipient. For example, it would be beneficial to receive an SMS, Fax or phone call should a fraud alert be sent from a person's bank, and not just an email message.
Finally, SMTP messaging has no facility to provide for categorization of messages or attachments. It would be advantageous, for example, to have a bank statement be categorized automatically as a “statement” so that it could be filed or otherwise treated uniquely on the receiving end as a statement.