The Challenge to the Mobile Industry and (Spoiler Alert) the Solution
Bringing together well over 100,000 mobility professionals from around the world, Mobile World Congress (MWC) is the largest annual conference on mobility. With tremendous splashes and lavish media events, MWC is the main event for mobile companies to showcase their solutions and highlight new developments and innovations. This year is no different. However, if one looks more closely, underneath the hype, it is clear that a great deal has changed in the last year and the mobile industry of 2018 faces serious risks and needs additional important cybersecurity innovation. That is why we are proud that Samsung has chosen to demo TrustCall Native Enterprise for Samsung in its booth, the first and only solution that marries security, ease of use and enterprise features, policy enforcement and management.
For a few years cybersecurity experts have warned about the vulnerabilities in the global communications system enabling surveillance and eavesdropping of voice and text communications. Specifically, cybersecurity experts demonstrated that internetworking protocols, Signaling System 7 (SS7) and Diameter, with relative ease are capable of being used broadly and from remote distances, including from another carrier’s network, to monitor people’s conversations and SMS text chats. These attacks also take place on modern LTE and 5G networks because voice and text data is transmitted in the clear “between the towers,” whether across a single carrier’s network or traversing networks during roaming. While knowledge of these vulnerabilities is several years old, it remained primarily the concern of cyber geeks and little attention was paid by the business community and general public. All that changed in 2017.
In 2017, public awareness of the threats to mobile voice and text communications increased dramatically driven by events globally, from the Middle East to Asia, Europe to Africa, and Canada to Latin America. In one of many examples, Mexico has been rocked by the “Pegasus” scandal, in which the government monitored citizens’ communications in violation of legal processes. However, the greatest awakening in 2017 happened in the business community, as business people came to understand that monitoring and interception of phone calls and texts has gone mainstream. Economic and corporate espionage, whether conducted by foreign governments, hackers, criminals or competitors has become a top threat and addressing it a high priority.
According to US Government and cybersecurity experts globally, the only effective way to protect mobile communications is to implement strong end-to-end (E2E) encryption for both calls and texts on the device itself. At KoolSpan we conducted additional market research to understand the requirements of business people. We spoke with hundreds of organizations ranging from defense, law enforcement, treasury and others in government to Fortune 1000 corporations in energy, natural resources, manufacturing, finance, legal, and others to many small and medium sized businesses. Our conversations covered more than 60 countries across six continents.
The feedback we received included the following:
- “Our people use secure calling some of the time, but often they forget.”
- “Sometimes a conversation starts off about non-sensitive topics and then shifts in the middle, but the participants do not shift to a secure solution once they’re already speaking.”
- “Company provided cyber education campaigns only go so far. Changing human behavior is very difficult if not impossible.”
- “We used encrypted communications in the past, but people stopped using it because it sounded terrible and didn’t always work.”
- “Too few people were using it. So they had to switch to regular insecure calls when calling those people.”
- “People did not bother to download and install the application. We should push it to their phones.”
- “We want a solution that we can implement and enforce across our organization. And manage it, when people leave, for example.”
- “Security should be built-in.”
- “Encrypted calls need to work everywhere and sound better.”
KoolSpan’s research revealed three significant impediments to broad adoption of E2E encrypted voice and text solutions; (1) bad user experience, especially poor audio quality, (2) user inertia in the sense that getting people to change their behavior to communications via other applications is spotty and that employee training is only partially effective at best, (3) user error, because a human decision to communicate securely for one call and then regularly (insecurely) on another inevitably results in human error. We recognized that businesses require a solution where people should not have to decide to call securely; it should happen automatically, by default.
Taking these lessons to heart KoolSpan set out to solve these challenges and eliminate the historical tradeoff between security and ease of use. TrustCall Native Enterprise is the first and only solution that addresses all three challenges. TrustCall Native Enterprise integrates with regular smartphones, so that when calling or sending a message with the native Phone, Message, and Contact applications, the call or message is automatically encrypted end-to-end so long as the recipient is also a TrustCall user.
- TrustCall provides high definition (HD) quality audio that sounds noticeably better than a regular call, even on remote and low bandwidth networks.
- TrustCall Native Enterprise requires no change in behavior or training.
- Communications are encrypted automatically, by default, without human decision.
For security adoption to be broadly successful, it must be convenient, easy to use, deliver HD audio quality, transparent to end users, and automatic. TrustCall Native Enterprise is the first and only solution to solve these challenges and do it with a true enterprise ready solution.
Originally published in SAMENA Trends – February 2018, republished with permission.