AT&T debuts mobile encryption app
Service includes two-factor encryption
AT&T Co. has launched a new two-factor encryption service for
sensitive-but-unclassified mobile voice communications: AT&T
Encrypted Mobile Voice.
The solution comes out of the AT&T
lab, said Stacey Black, vice president of strategic products for
AT&T Business Solutions.
“There are always requests for
improving security,” he said. Both government and enterprise are
concerned about the interception of calls. Digital communications has
its own security, but this adds an additional level of security, which
some users find valuable.”
The on-demand service is built on an
encryption engine on a chip, TrustChip from KoolSpan Inc., and
encryption management software, One Vault Voice from SRA International
Inc., and works on BlackBerry and Windows-based smart phones. iPhone
users are out of luck — the device lacks an open microSD slot for the
Here’s how it works: When Mary prepares to make a
call, the One Vault Voice software asks her if she would like to make an
encrypted call. If she says, no, she merely proceeds as usual. If she
says, yes, she selects a call recipient, Jason, from her contact list.
The phone client application contacts SRA’s One Vault Servers and Mary
is automatically logged in.
The server signals Jason’s phone;
and the One Vault Voice client on the phone notifies Jason that a secure
call is coming in; Jason accepts the call; he, too, is automatically
logged in and the encrypted session is established over AT&T’s
network as, essentially, an encrypted voice-over-IP call.
Mobile Voice has obvious potential for the financial industry, law
enforcement and health care, but it also could play a valuable role in
other areas, such as disaster recovery. For example, Black said, “your
business continuity team could be assured that their conversations after
an event of some kind were secure.”
Currently, Encrypted Mobile
Voice’s 256-bit voice encryption meets the requirements of FIPS-140-2,
for controlled unclassified Information. But no top secret or classified
version of AT&T Encrypted Mobile Voice is available. However, Black
said, “I think it’s safe to assume that work is going on to get higher
levels of security.”
Classified-level encryption for mobile
voice would be of great interest to both to the Defense Department and
intelligence community, said Warren Suss, president of Suss Consulting
Inc. “Secure mobile voice communications in the field is the holy grail
for warfighter applications,” he said.
Taking security up a
level to classified is trickier than just bumping up encryption levels,
however. “What is generally not widely, commonly known,” Black said, is
that today’s Type 1, or classified, security applications run over the
older technology of circuit-switched lines rather than in the newer VoIP
But with all other communications moving toward
IP, “it’s a good presumption that that also will be the direction that
Type I communications will take,” he added.
Mobile Voice operates in the more than 190 countries globally where
AT&T provides data roaming, Black said.
Sami Lais is a special contributor to Washington Technology.