KoolSpan TrustCall and TrustChip

Powered by SC Magazine
 

This one is a point solution to a point problem: voice call security from mobile phones. In addition, however, it has optional modules that secure text and email. We will focus on the voice capabilities for this review. The KoolSpan system includes the TrustCall software for the mobile phone, the TrustChip, also for the phone, and the TrustRelay Server (not covered in this review).

Today, TrustCall only works with Android devices and BlackBerries. When one makes a secured call, the phone contacts the TrustCall Server. This relays the call to the TrustCall phone the user is dialing. If one attempts to call an unsecured phone using a secured connection, the attempt will timeout and an SMS message will appear on the dialed phone. No connection, however, will be made. If one wishes to dial an unsecured phone, TrustCall allows that option. Using the phone is simplicity itself once the software is installed. One can manage multiple users centrally using the TrustCenter Server web interface.

Every secured phone contains a TrustChip - a microSD card - that contains everything the phone needs to communicate with the TrustCall Server and, thus, with other trusted phones. The chip contains the TrustCall software - that users install on their phone - and other information that the phone needs, such as TrustGroups the phone belongs to, as well as a universal TrustGroup that allows peer-to-peer communication between any TrustCall-enabled phones. The system administrator can disable the universal group if desired. There are a lot of configuration options and the possibilities for managing secure voice communications are significant.

We tested the TrustCall encryption on a pair of Samsung Galaxy SII Android phones and a third Galaxy without TrustCall. The phones were delivered with the software preinstalled, but the directions in the manual are clear and easy to follow. There are two excellent guides, one for administrators and one for users.

Our first test involved attempting to call a non-TrustCall phone with one of the TrustCall Galaxies in its secure mode. The call never connected and when we checked the receiving phone we found an SMS message that looks like a log entry. It gives virtually no information useful to a potential intruder. Deciding to make a TrustCall connection likewise is simple. When one makes a call, they are presented with two large colorful buttons. If the red TrustCall button is selected the phone will connect with the relay server, authenticate, the server calls the receiving phone and authenticates it and, if all authentication succeeds, the call will complete. 

Overall, we found this to be a strong implementation of mobile phone encryption. Military-grade voice encryption has been around for a long time, but this is the best implementation of commercial-grade voice encryption we have seen to date. TrustCall is FIPS 140-2 compliant and uses AES256 encryption. There is no perceptible distortion of the audio, the signal is as clear and strong as it would be without TrustCall, and latencies are negligible once the connection is made and the call is established.

Copyright © SC Magazine, US edition


KoolSpan TrustCall and TrustChip
 
:
Overall Rating
Verdict:
If you need secure voice from your organization’s newer Androids or BlackBerries, this feature set is, hands-down, your best choice.
Product Info
Supplier:
 
 
 
 
Top Stories
Parliament passes law to let ASIO tap entire internet
Greens effort to limit devices fails.
 
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  65%
 
Advanced persistent threats
  5%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1397

Vote