Security

Keeping data private is a big issue for any wireless network. In the days of voice-only communications, the greatest worry was that an eavesdropper could listen in to a private conversation, as several members of the British royal family discovered when details of their affairs were splashed across tabloid newspapers. But mobile commerce makes security even more critical—if people are going to entrust their bank account to technology, it has to be secure.

Encryption

Digital mobile systems all provide security through some kind of encryption system. Data can be encrypted in many ways, but algorithms used for secure data transfer fall into one of two broad categories: symmetric and asymmetric. Both rely on performing mathematical operations, using a secret number known as a key.

Symmetric algorithms depend on both parties knowing the key. They use mathematical operations that are easily reversible; for example, the sender could multiply the data by a number, then the recipient divide it by the same number. Breaking the code means finding the key, and so the strength of the encryption is measured as how long an eavesdropper would take to guess the key using trial-and-error. Larger keys mean more possible permutations, and so better encryption. In fact, adding an extra bit to a key means that the code takes twice as long to crack.

The most widely used algorithm is DES (Data Encryption Standard), invented by IBM in 1977. It uses a 56-bit key, which seemed unbreakable at the time, but not anymore. In 1997, a group of Internet users managed to read a DES-coded message, taking a little over four months using the spare processor cycles of more than ten thousand PCs. By 1999, the same thing could be achieved by a single PC in under a day. Most banks now use triple-DES, which is something of a misnomer. The encryption is performed three times, but the effective key-length is only twice that of DES: 112 bits. Nevertheless, to crack triple-DES would still take all the computers built by 2001 longer than the age of the Universe.

GSM encrypts all data between the phone and the base-station using a code called A5 (the A is for Algorithm). Its precise details are kept secret to make it harder to crack, but details have leaked out over the years and have even been posted on hacker Web sites. It is thought to have a key-length of 56 bits, the same as DES. This is reduced when shipped outside NATO and its allies, in a futile attempt to prevent strong encryption being used by terrorists. Any terrorist wanting strong encryption already has it, as more modern algorithms than A5 can be downloaded freely from the Internet.

The U.S. used to place far stricter limits on encryption export than GSM's European inventors, so versions of Windows sent to countries outside of the U.S. before the year 2000 all use only 40 bits. This means that for most users worldwide, the GSM network is thousands of times harder to listen in on than are "secure" Web transactions. The Web itself is more than a trillion times safer than the fixed phone system, which includes no encryption at all, yet people who don't think twice about giving out their credit card details over the phone still fear doing the same on the Web.

Public Key Cryptography

The difficulty with symmetric algorithms is that both parties need to have a copy of the key. To transmit the key freely over the air would render the whole exercise pointless, so GSM's designers turned to asymmetric algorithms instead. These use two separate keys for encryption and decryption. Usually, the encryption key can be publicly distributed, while the decryption key is held securely by the recipient.

Several different asymmetric schemes are available, each using a different type of "one-way" mathematical function. The most widespread is RSA (Rivest, Shamir and Adleman, its inventors), which relies on the fact that factorization is more difficult than multiplication. Multiplying two prime numbers together is easy for a computer, but recovering those two numbers from the product is not.

The complicated math involved in asymmetric algorithms means that they use a lot of processing power, and so cannot be used to encrypt an entire message through a mobile phone. Instead, A5 encrypts the message itself using a symmetric algorithm, with a key randomly generated by the network and sent to the handset using an asymmetric algorithm.

Wireless Portals

The problem with most wireless encryption systems is that they don't cover an entire connection. While the Internet's SSL encrypts data all the way from a user's browser to the Web server, A5 only covers the air link, and even WAP covers only the mobile part of the network. As shown in Figure 7.7, this leaves a weak link. Data is encrypted over the Internet using SSL and over the wireless link using WTLS, but it is vulnerable at the gateway itself.

Until an end-to-end encryption system is developed, the only way to ensure complete security will be to own the gateway. Several banks are now trying this, not wanting to share their customers with a wireless operator. To control his account, a customer has to dial in to the bank's own WAP gateway, where he will also be able to access the Internet and pay-per-view content. The banks hope that customers will stay at their sites and return, spending money on services other than banking.

The problem for the banks, at least in Europe, is that they said the same thing about the Internet. In an effort to become fixed ISPs, many offered "PC banking" only over their own dial-up connections citing security concerns as a reason not to allow true Internet banking. The security vulnerability in WAP is more real, but customers may see it as another excuse.

Viruses

Ever since the mobile Internet was first suggested, anti-virus companies have warned that viruses could attack cellphones and PDAs. In June 2000, their predictions seemed to have come true, with the media excitedly reporting that a virus known as Timofonica had attacked cellphones.

In truth, Timofonica was an ordinary computer virus, programmed to send abusive SMS messages to random users of the Spanish Telefonica mobile system. It infected PCs, not mobile phones. The worst a mobile phone user would see was an annoying spam message, something familiar to everyone who uses Internet email.

Nevertheless, viruses are a threat on any computing platform. They are unlikely to strike present cellphones, but only because their functionality is so limited. The next generation of wireless terminals will include processing and memory akin to those of modern computers, so they may be more vulnerable.

Cloning

Cloning is a serious problem for analog networks. It means copying a cellphone so that calls can be made from a customer's account without their consent. Because it doesn't necessarily rely on a phone being physically stolen, a user often won't know that her phone has been cloned until she gets the bill.

Cellular phones need to keep in constant touch with their networks so that calls are able to get through. They identify themselves by sending out a unique signal, which anyone can pick up using a special scanner. Cloners record the signal and program it into a new phone, or several phones. These are then sold to other criminals or rented out to unsuspecting members of the public.

To combat cloning, cellular operators analyze usage to check for unusual call patterns. Most obviously, they know that a genuine phone can't be in two places at once. If it's making more than one call at a time, it has definitely been cloned. Large numbers of international or premium-rate calls can also arouse suspicion, though this sometimes irritates genuine users. There have been cases of people traveling abroad who suddenly found themselves cut off because the operator suspected that the phone had been cloned or stolen.

Digital phones are much harder to clone because they use encryption and digital signatures to authenticate each user. A GSM phone could be cloned in theory, but only by opening it up and copying the SIM card. This is a difficult process, which even in purely financial terms is likely to cost far more than the potential gains.

Theft

As wireless devices become smaller and more powerful, they also become more attractive to thieves. Location technology should make them easier to track down, while a device could also be tailored to its owner using biometric technology. This identifies people through unique biological characteristics, such as a retina scan or DNA sequence, which are almost impossible for a thief to crack.

The most likely biometrics to be used in handheld devices are fingerprints and voiceprints (specific frequency patterns within a person's voice, produced by the unique shape of the vocal tract). Both these technologies exist today, and cheap fingerprint recognition systems are available commercially from mainstream computer manufacturers. But they are rarely used as anti-theft features, even for laptop computers that cost thousands of dollars and often contain invaluable data.

This may be deliberate, according to the Design Against Crime initiative, a British project sponsored in part by the government and the London School of Economics. It claims that manufacturers actually want their products to be stolen so that customers will replace them more frequently.

normal: Web Resources http://www.redherring.com Red Herring magazine covers the financial side of the technology industry, including m-commerce and the prospects for investors in wireless business. http://www.mbizcentral.com The online version of M-business magazine is a useful source of information about all aspects of the wireless business,including the clash between fixed and mobile http://www.bbc.co.uk/digitalradio This site provides information on digital radio from the BBC, the first operator to begin broadcasts. http://www.rds.org.uk This site offers an independent forum promoting and explaining the Radio Data System.