With the FIPS 140-2 validated TrustChip, KoolSpan's solution is the first hardware-encrypted security for the iPhone 4 series.
For many civilian and military employees, having access to secure voice communications is essential. While voice encryption is available via a software solution, only the combination of hardware- and software-based encryption delivers the most secure connection. In fact, the National Institutes of Standards and Technology recommends that all federal users implement hardware-based security.
TrustCall from Maryland-based company KoolSpan is the first hardware-based mobile security solution made for the Apple iPhone 4 series phones, according to the company. It uses TrustChip, a FIPS 140-2 validated MicroSD chip that was already available for Android phones. It actually supports key management, authentication and, of course, encryption for various applications, but it is designed to work with the TrustCall software.
We found it quite easy to install the TrustChip onto an iPhone 4S. The TrustChip comes already installed in a TrustSleeve (which is a Device Fidelity iCaisse4X sleeve), so users can just dock the iPhone onto the 30-pin connector and snap the sleeve cover on to keep it all in place. The 1200 mAh battery mitigates the extra juice needed to make encrypted calls and can extend the phone’s battery life to up to 12 hours of talking. The TrustSleeve weighs 2.6 ounces, which is about half again what the iPhone itself weighs. This makes the phone noticeably heavier, but seven and a half ounces is not too cumbersome.
The software is easy enough to install and configure. Before it can be used, however, users will need to enter the KoolSpan Notification Service account info. This service is provided by KoolSpan for those using its management servers; if the management server is in-house, the management software will generate it. Once the account is set up it is ready to start making calls.
A phone’s contacts can be imported into TrustCall, or users can enter them manually or even dial up a number on the keypad. If the call recipient has a TrustChip and TrustCall installed, it will let him answer the call. At this point the connection is authenticated and encrypted by the server, and after about 40 seconds the call can proceed. We found the sound quality to be equivalent to an unsecured call over the same network.
If the sleeve is removed, a call cannot be initiated through TrustCall. It merely displays an error message and notes the call attempt in the history. If another phone with everything in place tries to TrustCall the sleeveless phone, the call just never gets answered, though it would be helpful if the caller got a message stating why the call didn’t go through.
We only found one potential issue with TrustCall, in fact. A user who calls a contact using the phone's regular contacts app will initiate an unsecure call that the recipient will answer on his unencrypted phone. The danger here is that if a user isn’t accustomed to opening TrustCall to make encrypted calls, then he may assume his call is secure when it really isn’t. Although this potential user error shouldn’t be held against TrustCall, we felt it was worth pointing out.
KoolSpan is selling the TrustCall for iPhone 4 package, which includes the TrustSleeve with TrustChip installed for $119. There is also a $45 per month fee to use KoolSpan’s servers for encrypted calls. This isn’t too expensive for a few users, but for more than that, the monthly fee route is probably not the way to go. KoolSpan also sells its management software, which might make more sense for an agency with a large number of users.
NEXT STORY: DHS strikes deal to improve USB drive security