Indians like using short message service (SMS). On an average, a whopping 40 billion text messages are either received or sent by the 400 million-odd mobile phone users in the country, as per the recent data by the Telecom Regulatory Authority of India (TRAI).
However, are these messages secure? Consider this. Individual users may not feel the need for secure mobile messaging. But what if you’re sending sensitive and critical information regarding financial transactions, especially with more and more people getting hooked on to mobile banking? According to Vital Analytics, a Bangalore-based firm, about 43 million urban Indians use their mobile phone to access banking services in the quarter ended August 2009, representing a reach of about 15 per cent among the urban mobile phone users in India.
SMSes are open to certain threats and are easy to intercept because they come through a network and there is a man in the middle who can spoof it. SMS messages can be easily wiretapped from outside the network operator’s environment using equipment available in the black market. SMSes can also be modified by wiretapping equipment.
However, eMudra SecMsg — a patent pending secure messaging solutions launched by 3i Infotech Consumer Services — is set to change the perception of the users on mobile messaging. The application which is based on public key infrastructure (PKI) technology, is not only ideal for mobile banking purpose but also for peer to peer communication when the sender wants to maintain the confidentiality of the message that he is sending.
A bank which wants to avail the SecMsg service will have to pay a one-time software licence. Even though the product has been initially launched targeting the banking industry, this can also find applications for authenticating any banking or e-Commerce use .
“We wanted to launch this for the banking community first because this is a regulated business where the critical customer data, financial data is being communicated. We are talking to about eight banks now both in private as well as public sector, and most likely by December this year we would have done two implementations,”says Ravi Jagannathan, MD and CEO, 3i Infotech Consumer Services.
An individual who wants to use SecMsg application, can download the secure message application and install it in his mobile during the course of which he will be asked to select a four to six digit password. Once the user selects the number, it becomes the unique number for his/her mobile phone to access any message that is coming in a secured way or to send messages in a secured way.
Besides, when someone is doing online transaction whether it is banking, insurance, credit card payment or even for buying tickets or goods online, he will get a message on his mobile phone asking the user to confirm the transaction by digitally signing it.
3i Infotech is also looking at offering the services as a value-added service (VAS) to mobile services providers.
“If a person sending the message and the person receiving the message are using our application, they will be able to send encrypted SMSes to each other. We want to work with service providers to launch this service because it is a value-added service for them. We can open a VAS model on a monthly subscription basis for the users,” adds Jagannathan.