Because mobile VoIP has reached the point of becoming virtually indistinguishable from cellular and landline calling, most of us take its inherent security for granted.
But it isn’t inherently secure. Neither are cellular calls, for that matter, although in many cases they are more secure.
Wiretaps have always existed, but until recently it was relatively hard to intercept a phone call on a landline. Mobile calling has opened up the door for far more security concerns. Now calls can be intercepted by software installed on a device, on networking gear carrying the call to a cellular provider—or by more traditional internet snooping methods when it comes to VoIP calling.
“The digital data of a VOIP call can be intercepted anywhere along the complicated path from your router through the multiple servers until it goes out to the analog phone network,” wrote Lincoln Spector for PCWorld. “Assuming your VOIP service doesn't encrypt calls, whoever intercepts it can listen to it, as well.”
So encryption is the first area to consider when securing VoIP calls. Some VoIP solutions are encrypted, such as Skype (News - Alert), according to the PCWorld piece. But others are not. Make sure your VoIP calling solution is encrypted, because it is pretty hard to ensure that there’s no data leakage in the entire communications chain from your mobile VoIP handset to the ears of the person you are calling.
While ensuring that there’s no security breach at any point in the communications chain is not possible, securing the mobile device and the VoIP account used for the calling is possible.
The first, securing the device, can be accomplished relatively easily by employing a password on the mobile device doing the VoIP calls. The second, securing the VoIP account, can be a bit trickier. But it is possible.
One solution on the market for ensuring mobile VoIP account security is REVE Systems’ iTel Pin Protector. The iTel Pin Protector is software that limits VoIP usage to handsets that have been approved. So a caller using REVE’s iTel Dialer Express (which runs on all the major smartphone platforms, including Symbian (News - Alert)) can only place a VoIP call if his smartphone has been approved for use with the account.
This authentication process is achieved by using the unique IMEI number on every handset. When VoIP calls are placed, they are checked against the account’s list of registered IMEI before the connection is completed.
A PIN number also is used in conjunction with IMEI when it comes to the iTel Pin Protector, making the system completely secure.
“There's no such thing as a totally secure phone call,” noted Spector in the PCWorld article. But, “unless you have reason to believe that someone powerful has it out for you, you can achieve a reasonable degree of privacy.”
REVE Systems is currently participating at ITEXPO West 2012 - the world’s premier IP communications event. Visit REVE Systems in booth #302. For more information on ITEXPO (News - Alert) West 2012, click here.
Edited by Stefania Viscusi