## ADDED Requirements

### Requirement: Receive new SMS messages through the system broadcast path
The app SHALL use Android's new SMS received broadcast path as the primary mechanism for capturing verification SMS messages on the user's own device.

#### Scenario: SMS broadcast is received with permission granted
- **WHEN** the app has `RECEIVE_SMS` permission and the device receives a text SMS
- **THEN** the app MUST process `Telephony.Sms.Intents.SMS_RECEIVED_ACTION` and extract message objects from the received intent

#### Scenario: SMS broadcast is unavailable because permission is missing
- **WHEN** the app does not have `RECEIVE_SMS` permission
- **THEN** the app MUST report that the primary SMS capture path is blocked by missing permission

### Requirement: Preserve complete SMS message bodies
The app SHALL preserve SMS bodies using Android SMS message APIs rather than ad hoc PDU handling in business logic.

#### Scenario: Multi-part SMS is received
- **WHEN** the received intent contains multiple SMS message segments
- **THEN** the app MUST combine the message bodies in received order before saving or displaying the capture result

#### Scenario: Sender and timestamp are available
- **WHEN** Android exposes sender address or timestamp for the SMS message
- **THEN** the app MUST attach those values to the capture result for diagnostics and display

### Requirement: Surface the original SMS content as the primary result
The app SHALL use the original SMS body as the primary display and diagnostic result.

#### Scenario: SMS body is available
- **WHEN** the app reads an SMS body successfully
- **THEN** the app MUST retain the original SMS body for local display and diagnostics

#### Scenario: SMS body is empty
- **WHEN** the app reads an SMS message but the body is empty
- **THEN** the app MUST return a structured failure instead of inventing a display value

#### Scenario: Capture result is displayed
- **WHEN** the app shows the latest SMS capture result
- **THEN** it MUST display the original SMS content, sender summary, source, timestamp, and any structured failure reason

### Requirement: Support optional Google SMS verification APIs
The app SHALL support Google SMS verification APIs only as optional paths and MUST NOT depend on them for the primary capture behavior.

#### Scenario: SMS User Consent path is available
- **WHEN** Google Play services supports SMS User Consent and the user authorizes reading a single SMS
- **THEN** the app MUST feed that SMS body through the same body-preservation path used by the primary path

#### Scenario: SMS Retriever path is used with app hash
- **WHEN** a controlled test SMS includes the app hash required by SMS Retriever
- **THEN** the app MUST accept the retrieved message and preserve the original SMS body

#### Scenario: Google SMS API is unavailable
- **WHEN** Google Play services is missing, disabled, incompatible, times out, or the user declines consent
- **THEN** the app MUST keep the system SMS broadcast path usable and report the optional path failure separately