I found an article on security titled Report: GSM Best for Mobile Banking a couple of weeks ago, and I would appreciate hearing your opinion. I've been in the mobile banking space for awhile now and this is the first time I've heard that one format is "more secure" than another.
Also, here's an article that may help if you're not familiar with the details on which carrier is using which format Twisting Technology.
Subscribe to:
Post Comments (Atom)
4 comments:
this question came up today during a panel discussion at the mobile money transfer conference in dubai & the panel dismissed it. basically they suggested that there are so many new security measures in play that to suggest that a GSM network is more secure over a CDMA network is an inaccurate statement. you can't answer this question by looking at the network only, you must consider the application on the mobile device & how the transaction is treated at the receiving end.
I doubt it. Even though GSM uses an ecryption layer, I heard on various occasions that sniffing hardware can be purchased for decrypting GSM traffic (voice, GSM, USSD I guess) going on in your surroundings. Also I heard that operators can see all GSM related traffic in clear text whenever they need or want.
This seems to be a propaganda by Smart Card (SIM) manufacturers.
I do see advantages of SIM as being a Tamper Proof Storage, and the advantages it brings. However, the claim assumes that there is no Application Layer security implemented on top of whatever GSM/CDMA offers.
In reality, both WAP/XHMTL and Rich Clients can use HTTPS, which provides comparable security in both GSM or CDMA. SMS offers the same level of security/vulnerability in both cases.
The only thing GSM brings-in is SIM-Toolkit (STK) based applications. Couple high-level issues with STK:
1. Carrier has to be trusted for User-authentication by the bank.
2. STK offers limited features, usability is a big issue.
Overall, I wouldn't pay much attention to this claim.
Cheers,
Viral Shah
Hello Brandon,
in fact the main security of GSM is the mandatory SIM card.
But with the emergence of the 3G and the generalization of USIM card, may be the security difference between the 2 "old" standards (CDMA and GSM) is no more a matter of concern.
Post a Comment