Deutsche Telekom encrypts phone calls and hardens tablets
Deutsche Telekom hopes to address the growing mobile security concerns of enterprises with secured devices and an app that encrypts voice and text messages.
As enterprise users become more dependent on smartphones and tablets for handling sensitive data, there is also a growing desire to improve protection, be that from snooping governments, competitors or hackers that want to wreck havoc.
The latest addition to the operator’s portfolio is the GSMK application, which gets its name from the company Deutsche Telekom partnered with for its development. The app is used to encrypt the entire transmission path for voice and text messages and was announced at the Cebit trade show in Hanover. It will first be available for Android-based devices, followed by an iOS version, according to Deutsche Telekom. Pricing was not immediately available.
When two people want to communicate, a central system is first used to set up the session. The two devices then do a Diffie-Hellman method key exchange to be able to encrypt the call or a text message. There is an integrated feature to protect against man-in-the-middle attacks, and the app masks the user’s location.
Deutsche Telekom isn’t the only operator in Germany that sees a demand for secure phone calls and messaging. At Cebit, Vodafone announced a competing product named Secure Call.
Deutsche Telekom also demonstrated an expanded family of devices incorporating its SiMKo 3 technology and aimed at enterprises, authorities and governments that have the highest security demands.
In addition to a customized version of the Samsung Galaxy SIII, a SiMKo version of the Galaxy Note 10.1 is undergoing certification at the German Federal Office for Information Security. A laptop and a Galaxy S5 with SiMKo technology are also planned, according to Deutsche Telekom.
The SiMKo 3 devices have two distinct compartments: a private compartment and a secure work compartment. The work compartment is a completely separate phone running a hardened version of Android in a virtualized environment based on an in-house developed bare metal hypervisor, according to Udo Lorenz, chief sales and marketing officer at Trust2core, the wholly owned Deutsche Telekom subsidiary that developed the software. A crypto card is also used to encrypt communication and information stored on the device, he said.
However, building a secure device isn’t just about cryptocards, hypervisors and hardened operating systems, but also making one that’s easy to use. To switch between the work and private environments, three slides are needed on the phone and one slide on the tablet.
The operator confident about the level of security that the SiMKo software offers.
“There is only one level of higher security, and that is not using a mobile phone at all,” Lorenz said.
Unsurprisingly, the security comes a cost; a SiMKo smartphone costs between €1,700 (US$2,350) and €2,500. Also, export of the devices has to be approved by the German government. Once a company has invested in SiMKo devices, Deutsche Telekom works with it to harden the underlying infrastructure.
“It makes no sense to sell a crypto device and have very open infrastructure in the background,” said Deutsche Telekom’s Rainer Knirsch.