Security Advice For Mobile Phone Users

Every day, all over the world, millions of people enjoy the convenience provided by GSM technology. Today, over 3 billion people have access to GSM and 3GSM services and this number is growing rapidly. Mobile phones have revolutionised the way the world communicates.

Whilst using a mobile phone is generally a trouble free experience, these desirable and sophisticated devices have, inevitably, become the subject of some interest amongst the world's criminal fraternity. One issue is, of course, the theft of mobile phones, although this is often perceived as being a more serious threat than it really is. But additional challenges more familiar to the fixed Internet world, such as spam and mobile phone viruses, are also on the increase.

These web pages aim to provide mobile phone users with simple, easy to follow advice to help you minimise the risk of experiencing these problems firsthand.



GSM Security Algorithms

GSM security algorithms are used to provide authentication and radio link privacy to users on a GSM network.

GSM uses three different security algorithms called A3, A5, and A8. In practice, A3 and A8 are generally implemented together (known as A3/A8).

An A3/A8 algorithm is implemented in Subscriber Identity Module (SIM) cards and in GSM network Authentication Centres. It is used to authenticate the customer and generate a key for encrypting voice and data traffic, as defined in 3GPP TS 43.020 (03.20 before Rel-4). Development of A3 and A8 algorithms is considered a matter for individual GSM network operators, although example implementations are available.

An A5 encryption algorithm scrambles the user's voice and data traffic between the handset and the base station to provide privacy. An A5 algorithm is implemented in both the handset and the base station subsystem (BSS).