The new HIGHSEC® phone from the Munich-based technology group and security specialist Giesecke & Devrient (G&D) enables end-to-end encryption of voice data transmitted between HIGHSEC phones and prevents unauthorized third parties from listening in on calls. Even text messages can be transmitted in secure mode. The smartphone runs a particularly secure version of the Android operating system that meets the stringent security requirements of governments and other official agencies. The mobile device was selected from among the more recent types of smartphone available on the commercial market. The smartphone model currently offered by G&D for use in high-security communication applications is among others the Samsung Galaxy S3.
“Our HIGHSEC phone solution offers the highest degree of mobile security. The incorporated G&D technology guarantees users that they can make phone calls and send text messages in the strictest confidence. And the smartphone’s security features are simple and convenient to use,” says Hans Wolfgang Kunz, Head of the Government Solutions business unit at Giesecke & Devrient.
What makes this solution so easy to use is that it is based on a standard smartphone with a “normal” subscriber number that can be reached through any mobile network. The secure telephony and text messaging functions are activated by means of a separate HIGHSEC phone app.
When this app is launched, it asks the user to enter a PIN to access the secure microSD card integrated in the phone. This card contains the keys needed for subscriber authentication and the encryption/decryption algorithms for communication. The microSD card is a smartcard certified to Common Criteria EAL 5+, which runs G&D’s Smart Cafe Expert 5.0 operating system, certified to Common Criteria EAL 4+.
Users can set up a call to another HIGHSEC phone owner by selecting a contact in the separate, secure phone directory. Secure voice calls are only permitted between members of a predefined user group, which generally means within one government department or ministry.
The tap-proof calls are not routed via the conventional voice network. Instead, they are packet-switched over the Internet using a high-security data channel (encrypted voice-over-IP connection). The HIGHSEC phone supports the WLAN protocol and current mobile network technologies such as HSDPA, UMTS, and EDGE.
The first step in the call setup procedure is the reciprocal authentication of the two parties. The authentication process takes place in a dedicated HIGHSEC phone server for the government agency or public authority in question. Once the caller and the called party have been authenticated, an end-to-end encrypted data channel linking the two HIGHSEC phones is set up. In this user-friendly solution, a background process automatically executes all encryption functions. To prevent the mobile device from being manipulated by malware (e.g. Trojans), additional apps can only be downloaded via the customer’s administration center.
The HIGHSEC phone solution is available to government-sector customers immediately.