Sent Message Decryption Timeout

ESME allows users to set a period of hours a SMS message can be decrypted for. By default this is 72 hours but this can be changed as a default with in the apps settings, or set on a per message basis when drafting a new encrypted message.

This means any SMS message you send using ESME can only be decrypted by the ESME app on the device registered with the telephone number you have sent the message too within the time frame you have specified.


Local & Master PIN’s

ESME uses both a Local and Master PIN/ Password.

When the App is first installed you are required to set a PIN or Password.

This PIN / Password is encrypted and stored locally, a hashed identifier is also sent via SMS to the ESME registration service, this is stored along side the number you are registering from.

At this point ESME will check to ensure that the phone number being registered from is either a new unknown number, or if previously registered that the same PIN / Password and registered number combination is again being used to set up the app.

If the PIN/ Password is not the same the app setup process will fail. This is to stop someone either uninstalling or reinstalling the ESME app to reset the pin and be able to un-encrypt the ESME messages if any any still valid of course.

Assuming the initial setup goes well, This initial process sets both local and master pins the same. The local pin is used to access and decrypt the sms messages locally, these can be set independently from each other within the settings section of the app.

You can also use your bio metric fingerprint scanner if your phone supports it, to login and decrypt you messages locally.


Fingerprint Login

Version 0.54

  • Enabled fingerprint login and switched it on if the device supported it and if the owner had registered fingerprint stored.

Version 0.55

  • Disabled fingerprint login by default and added the option within settings to enable or disable finger print login if the device is supported and fingerprints are stored.