The Case For Secure SMS
By Babar Bhatti | October 6, 2009 | No Comments
I thought it would be interesting to present information about secure SMS. What is it and why do you need it? There are times when higher grade of security and trust is needed from a sms-based communication. Examples include transmission of sensitive and confidential information from handset-to-handset, server-to-handset or vice versa. Usage scenarios range from financial transactions, healthcare and government and defense agencies. Most of the content here is via CellTrust website, a vendor of secure SMS solution.
Here are some of the potential problems with standard SMS.
- Standard SMS can be intercepted along the transmission path at multiple locations (aggregators, carriers, infrastructure providers, or tower operators) especially when using Internet to submit your messages. The content is transmitted as a plain text making it easy to eavesdrop.
- Depending on the carrier, messages larger than 160 characters (varies per carrier) are rejected, truncated or broken down into multiple messages that may be delivered out of sequence.
- Standard SMS is typically assumed delivered as soon as the carrier submits the message over their network without having any confirmed response from the recipient’s mobile handset. Hence, there is no definitive way to determine if a message was received by the recipient or whether it was opened or just simply deleted. Standard SMS does not provide timing around any of these events.
So what is Secure SMS?
SecureSMS is a secure text messaging solution for enterprises, governments and consumers for transmitting sensitive and confidential information from handset-to-handset, server-to-handset or vice versa.
Using SecureSMS state-of-the-art mobile Micro Client, mobile phones utilize the familiar and user-friendly SMS channel to send and receive healthcare information, financial data or internal communication from others within their Circle of Trust™.
Integrated with CellTrust two-way global SecureSMS Gateway, SecureSMS implementation is similar to using standard SMS gateways. Supported by a set of high-level APIs, you can submit secure text messages from your own application or by using CellTrust’s powerful web tools and plug and play scripts without the need for developing any code. On the handset, SecureSMS’s full featured editor is used to send secure text messages to other handsets or your application.
SecureSMS Benefits
- Secure end-to-end encryption meeting the highest security standards
- Optionally, specify your own encryption scheme for your Circle of Trust
- Unique key for each handset with decryption limited to the designated device
- Communicates over SMS channel (resilient and supported by all carriers)
- Delivery and read confirmation
- Remote data wipe in case of loss or unauthorized access attempts
- Unlimited message size (limited by handset hardware)
- Integrated with CellTrust SecureSMS Gateway supporting 218 countries and 700 carriers
- Optional message archiving for reporting and compliancy
- Certified with major carriers, operating systems and handset manufacturers
Comments
No Responses to “The Case For Secure SMS”
Leave a Reply
Subscribe via Email
About TelecomPK
TelecomPk.Net is a leading source of information and analysis about Pakistan Telecom industry. More here.
Online Directory
October 6th, 2009 @ 10:28 am
[...] more here: The Case For Secure SMS | State of Telecom Industry in Pakistan By admin | category: mobile sms | tags: carrier, definitive-way, delivered-as-soon, [...]
October 6th, 2009 @ 11:08 am
Looking at the present situation of Pakistan, related to the security matter, even a shop keeper feels like he had been traced by some agencies. No body feels privately secure.
Under such environment, this new addition shall be highly appreciated by the public and will be used without taking care of the high sms fee that these telecom companies will add up.
Moreover, reading someone’s message is an ethical crime.
October 6th, 2009 @ 11:19 am
I think this is a great idea. I am working on communicating with patients using e-health information systems over mobile network. This S-SMS will certainly help in Patient confidentiality matters. I dont know whether it is approved by HIPPA.
Great Work!
October 6th, 2009 @ 12:08 pm
From a solutions’ point-of-view the application itself seems to have a small glitch. The application seems to be a mobile handset client (perhaps a J2ME) application. The glitch lies in the downloading of such an application. I wouldn’t want to explicitly quote how, but basically an ordinary subscriber can easily be tricked into downloading an application (in this case the Micro Client) that may appear to be be coming from an authentic source, but that might not be the case. Alternative…use a secure application based on SIM cards. This application may be slightly harder to access and not as user-friendly, but if you’re talking about security…unmatched!
October 6th, 2009 @ 1:23 pm
[...] This cup of tea was served by: State of Telecom Industry in Pakistan [...]
October 6th, 2009 @ 5:09 pm
I think secure SMS should be adopted as standard by all mobile phone manufacturing companies. Allowing encryption and decryption on the phone’s inbuilt SMS software will reduce risk of downloading malicious software. The editor should have an inbuilt mechanism for encrypt or decrypt messages, like in secure E-mail.
October 7th, 2009 @ 11:02 am
With the present situation, it’s difficult to make the case for an application that encrypts messages. Using crypto to add a message authentication code to outgoing messages (and verifying MACs in incoming messages) is an easier sell.
October 13th, 2009 @ 4:39 pm
@H There are ways to secure the process of how the app gets loaded on the phone. It could be a trusted third party source.
October 22nd, 2009 @ 4:15 pm
When it happens, the founders are both happy and rich. ,