Comment by devinegan

My startup (LaunchKey, now part of TransUnion) encrypted the data in our push authentication requests as late as a decade ago. This was painful until they expanded the size of the message allowing for more encrypted data. It is possible to do so (I would use pub/priv ec keys now) but remember you are limited in the amount of data you can include so you might need a “pull” to deliver all of the content necessary.