The security of 3G and GSM mobile phone calls has been questioned recently. Mark Bridge spoke to Dr Simon Bransfield-Garth, Chief Executive of Cellcrypt, at Mobile World Congress to find out how real the problems are. The interview was included in our podcast on 19th February 2010; we’ve published an edited transcript of the interview below.
Simon Bransfield-Garth: Voice security is a topic which has been growing in interest for the last few years. It’s certainly the case that most people who get their voice calls intercepted never know about it. That’s one of the challenges of the industry, that there is no ‘smoking gun’ for most voice interception incidents. Nevertheless, we have customers who are aware that they’ve had major interception incidents where deals worth hundreds of millions of dollars have been lost as a result of voice calls being intercepted.
The Fonecast: Back in the old days of analogue phones, if I wanted to intercept a phone call I just had to go to a specialist radio shop and buy the right kind of scanner. If I was lucky I’d hit the frequency and be able to listen at least to one side of the call. What do you need today to listen in to somebody else’s phone call?
SBG: There are really two places that you can intercept phone calls. The traditional place is actually nothing to do with the mobile network at all, or at least nothing to do with the airwaves, but is actually the back[bone] of the core network. In the early days of telephony, the network would be owned by the mobile operator, or at least the fixed-line operator, and they would know exactly where the signals were going. These days if you’re making, say, an international phone call, the chances are your conversation is going to be routed in a whole variety of different directions dynamically, and the mobile operator really has no idea where the signal is going to get from their network to the network of the country that it’s going to. So one point of entry is actually either in the network or in the mobile operator of the target country that you’re going to.
The other one is interception of the mobile phone signal itself, and what we’ve seen in the last few months is significant advances in the hacking community in being able to intercept mobile phone calls. In fact, about a year ago it would probably have taken the best part of half a million dollars’ worth of equipment to intercept a mobile phone call. These days, it can be done for about ten thousand dollars’ worth of equipment, and more importantly, the technology to do that was put into the public domain around Christmas 2009, so we’re expecting a rather worrying rise in the number of organisations which are going to have the ability to intercept mobile phone calls over the air.
The Fonecast: So we’re looking at two risks potentially: one is people out there with the equipment and the other is somebody dodgy within the network or the network infrastructure, effectively attaching a pair of wires to the phone call?
SBG: Yes, they’re the two principal mechanisms. This isn’t just theoretical; in 2005, around the Greek Olympics, around a hundred senior officials, government officials and others, were tapped for several months. The reason we know this is because there was a court case and the mobile operator was fined several tens of millions of dollars as a result of that particular interception case.
The Fonecast: Your company offers secure voice calls. When we see this kind of thing in the films, it’s someone with a scrambler telephone and they say “switching to secure mode” before they push a button – how does it work in real life with Cellcrypt?
SBG: Well, oddly enough, in terms of the way that you do it, not so very different. What we have today, of course, is smartphones, which are able to run applications, and so we have an application which runs on the phone. Instead of using the normal telephony channel to send the signal, the application captures the voice out of the microphone, encrypts it, and then sends it over the data channel to the phone at the other end, where the corresponding application at the other end decrypts the signal and then plays it back through the earpiece.
The Fonecast: And how long does this take – is there any kind of delay in the conversation?
SBG: In general, it’s very much like having a normal phone call. You sometimes get a little bit of delay, maybe half a second or so, but the voice quality is excellent and most people tell us it’s just like making a standard mobile phone call.
The Fonecast: How much data does it use? Everyone’s very conscious of tariffs and charges, even if they have data bundles.
SBG: The amount of data is tiny by modern standards; it’s about ten to fifteen kilobits of data [per second], so it’s tiny in comparison to streaming video or streaming audio.
The Fonecast: Which devices does Cellcrypt’s service run on?
SBG: Cellcrypt supports most of the major smartphone devices. The one that we’re seeing the most demand for is RIM’s BlackBerry device, and the reason for that is that BlackBerries are traditionally associated with data security, so the email on your BlackBerry is already pretty secure, the messaging is secure. What Cellcrypt does is to add voice security to that data security that’s already available on the devices.
The service is being used in a wide variety of countries and customers. The majority of customers are government customers, and what we’re seeing is a very strong demand, particularly in the Americas, particularly in Latin America, also in Asia and in Africa, but we’ve seen also an increase in demand in the Enterprise, and we’ve seen about a tenfold increase in the demand for this in Enterprises worldwide during 2009.
The Fonecast: You’re here at Mobile World Congress 2010; everyone seems to be announcing new developments – what do you have lined up for the year?
SBG: Cellcrypt is in the process of developing a range of technologies that allow you not only to link mobile to mobile, but also mobile into your desk phone, into the Enterprise PBX. What we’ve announced at Mobile World Congress is the ability to get Cellcrypt on your phone for free, so we’re enabling people to sign up and get free use of Cellcrypt on their mobile device for 90 days, to enable them to really experience what it’s like to have secure calling on their mobile, and have the confidence that, particularly when they’re travelling or where they’ve got conversations about sensitive topics, that those conversations are not going to be intercepted.
The service works ‘Cellcrypt to Cellcrypt’ so we encourage people to download the service onto a significant number of devices in their organisation, maybe ten, twenty devices, and then all of those individuals can call on Cellcrypt, and of course, if you’re doing it over Wi-Fi, then those calls are entirely free.
The Fonecast: Finally for now, Simon, a lot of our listeners are in UK retail – what can Cellcrypt do for them? – what can they do for you?
SBG: Cellcrypt is primarily a business-to-business proposition, it’s being used by corporate and governments all around the world. We do have customers in retail, in fact one of our first customers was an Italian supermarket, and what we find is that in retail, supply chain is everything. There is a lot of trade secret and commercial advantage in retail about how you manage the supply chain, who the suppliers are, what deals are being done at any given time, and a lot of those deals are being done in countries around the world where perhaps the privacy laws are not as strong as they are in Europe. So we see retail being an important area for customers who realise that they need to be securing their conversations in order to secure their supply chain and their business advantage.
The Fonecast: And if somebody wanted to be a Cellcrypt reseller?
SBG: Then we’re open to resellers all round the world and they should just contact Cellcrypt; we’d be more than happy to have a discussion with them.