Privacy on Phones - Encryption
Publication Date: 2012-Oct-22
The IP.com Prior Art Database
Disclosed is an encryption mechanism for consumer-market phones that does not involve specialized encryption chips. The system identifies and encrypts only the sensitive data transmitted, thereby eliminating the need to encrypt all the information and to involve complex encryption hardware. The core idea is to store the sensitive information in the phone until the entry is complete, and then encrypt and send it to the receiving switch, where it is decrypted or processed.
Encrypting data in real time for a telephone conversation is a complex process. Consumer phones are not equipped with any mechanism to encrypt sensitive information that is sent over the communication media, and are thus prone to attacks (e.g., identity theft).
With current systems, numeric data is sent as a series of distinctive analog pulses that are identified by the switch. The message sent from the phone to the switch at the telephone exchange is not encrypted; thus, anyone tapping into the telephone line can get access to the data. This is a security risk, considering that sensitive information is being transmitted over the wire. On a cellular network the data is also vulnerable; it is usually more difficult to hack into a particular carrier's cellular network, but it is not impossible.
Figure 1: Unencrypted data
The example illustrated in Figure 1 has the following key strokes:
1. Menu option 1 is pressed
2. Subsequent menu option 2 is pressed
3. User prompted for password - 1234 is entered
4. The enter key # is entered
5. User prompted for SSN - 333 22 4444 is entered
6. The enter key # is entered
7. Menu option 9 is entered
This invention proposes to resolve this encryption issue with an economical solution for consumer-market phones that does not involve specialized encryption chips.
The solution lies in identifying the real necessity of the encryption process, and not just arbitrarily encrypting all the data sent across the communication media. Thus, by identifying the sensitive part of the data, the system eliminates the necessity of using complex encryption hardware.
Often, the sensitive and personal information that requires encryption is sent to an automated menu-driven answering service. When asked for the user's identification (e.g., password), the automated service waits for the complete information to be entered, and then starts processing it when the user presses a special key (e.g., hash - #) or after a specific amount of time elapses. This process is non-real-time. The idea is to store the sensitive information in the phone until the entry is complete, and then encrypt and send it to the receiving switch, where it is decrypted or processed.
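A sketch of the store-then-encrypt flow described above, run over the Figure 1 keystrokes; this is an added example, not code from the disclosure. The pre-shared key, the "S" marker by which the phone learns that the next entry is sensitive, the fixed-length padding and the HMAC-SHA256 encrypt-then-MAC construction (a standard-library stand-in for a vetted AEAD cipher) are all assumptions, since the disclosure names none of them.

```python
import hashlib
import hmac
import os

PAD_LEN = 16  # every sealed field has this size, so length does not reveal PIN vs SSN
DEMO_KEY = bytes(range(32))  # constructed pre-shared key (assumption)
# Figure 1 keystrokes; "S" is a hypothetical marker for "next entry is sensitive"
FIGURE1_KEYS = list("12") + ["S"] + list("1234#") + ["S"] + list("333224444#") + ["9"]

def _mac(key, label, data):
    # Derive a per-purpose subkey from the shared key, then MAC the data with it
    return hmac.new(hmac.new(key, label, hashlib.sha256).digest(), data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # One HMAC-SHA256 block as keystream: a stdlib stand-in for a vetted AEAD
    return bytes(a ^ b for a, b in zip(data, _mac(key, b"enc", nonce)))

def seal(key, digits):
    if len(digits) > PAD_LEN - 1:
        raise ValueError("entry too long")
    padded = bytes([len(digits)]) + digits.encode().ljust(PAD_LEN - 1, b"\0")
    nonce = os.urandom(12)  # fresh per entry, so equal entries seal differently
    ct = _xor_stream(key, nonce, padded)
    return nonce + ct + _mac(key, b"mac", nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if len(ct) != PAD_LEN or not hmac.compare_digest(tag, _mac(key, b"mac", nonce + ct)):
        raise ValueError("sealed field rejected")
    padded = _xor_stream(key, nonce, ct)
    return padded[1:1 + padded[0]].decode()

def phone_send(key, events):
    wire, buf, sensitive = [], "", False
    for k in events:
        if k == "S":
            sensitive, buf = True, ""
        elif not sensitive:
            wire.append(("clear", k))                # menu choices go out immediately
        elif k == "#":
            wire.append(("sealed", seal(key, buf)))  # entry complete: encrypt once
            sensitive, buf = False, ""
        else:
            buf += k                                 # held on the phone, nothing sent
    return wire

def switch_receive(key, wire):
    return [unseal(key, v) if kind == "sealed" else v for kind, v in wire]

if __name__ == "__main__":
    print(switch_receive(DEMO_KEY, phone_send(DEMO_KEY, FIGURE1_KEYS)))
```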
To ensure security, sensitive information must be masked on the screen when it is entered into the phone. Even so, the data sent over the communication media is not encrypted and can be accessed by an outside party (Figure 2).
Figure 2: Sensitive information is masked on-screen, but remains unencrypted
The idea of the Priv...