OREANDA-NEWS. Deutsche Telekom’s SiMKo 3 security smartphone has successfully withstood testing by the German Federal Office for Information Security (BSI). This latest generation high-security cell phone, affectionately known as the "Merkel phone" after the German Chancellor, has officially obtained approval for security level VS-NfD (classified information for business use only). Members of the federal govern-ment and employees of ministries and federal authorities will therefore for the first time have access to a mobile device that incorporates the newly developed L4 high-security microkernel as its operating system for transmitting classified information.

The microkernel contains just 10,000 lines of program code in contrast to standard commercially available smartphones, which use millions of lines of code. Stephan Maihoff, who is responsible for SiMKo at Telekom, points out that "It is practically impossible to test such large operating systems which are also constantly being modified by subsequent development work. You cannot exclude the possibility of back doors. To counter the risk of hacking, we use a transparent kernel that leaves no hiding places for surprises and offers security from the inside out."

The microkernel and security technology are made in Germany.
Telekom exclusively uses companies based in Germany for the SiMKo 3's kernel and security technology. Certgate crypto cards are used and NCP ensures encrypted connections, both firms are based in Nuremberg. The L4 microkernel system was jointly developed by Dresden Technical University, Dresden start-up Kernkonzept, Telekom Innovation Laboratories and Berlin start-up Trust2Core.

Samsung intends to push ahead with secure telephony and surfing.
It was only possible to implement the kernel as a result of particularly close cooperation with Samsung. "Thanks to extensive cooperation between the SiMKo 3 project team and our development department, together we have managed to bring a high-security smartphone based on the GALAXY S3 to market. Customers who have exacting security requirements can now use one of the most successful smartphones in Germany as a mobile work device," says Dongmin Kim, President of Samsung Electronics Germany. "As the market leader, we are committed to taking secure telephony and data transmission forward."

L4 kernel makes two devices in one case possible - but keeps them strictly separate.
The sophisticated security technology in the new SiMKo is already up and running as soon as the smartphone is switched on and boots up. The L4 kernel immediately takes over complete control of the device and only permits operations that are secure. Another new feature of the SiMKo is the fact that it combines a secure device and an open device in one case. By simply swiping the screen, the user can toggle between secure and open operating modes in order to switch from composing a confidential message to obtaining train or flight information for instance. The L4 kernel makes sure that the open part of the smartphone does not pose a security risk. It makes it possible for the SiMKo 3 to run two separate operating systems that behave like two completely independent devices. Data on the open and on the secure side are strictly segregated thanks to the high level of isolation ensured by the microkernel. The user can install applications for both the open and the secure area. Programs can either be downloaded from a specially protected Telekom app store or from the customer's own servers.

Encrypted phone calls, remote deletion.
The SiMKo 3 is not only designed to handle data applications such as e-mail, calendar, contacts and tasks. It can be used out of the box as a tap-proof crypto phone which will in future offer encrypted phone calls based on Voice over IP using highly secure encryption methods. In addition, development of the government's official SNS Standard (Secure Multi-Network Voice Communication) will be completed in the next few months. If a device is lost, nobody can see what is stored in it. The Certgate crypto card takes care of user authentication and encrypts all data on the device. In addition, the content of the device can be deleted remotely.

Further development - SiMKo with LTE, tablets and notebooks.
The new SiMKo 3 is available right now and costs EUR 1,700 with a two-year contract. Telekom is already working on a SiMKo product range that includes tablets and notebooks for working from home. A SiMKo 3 model that supports the high-speed LTE wireless standard is coming soon.

Telekom's SiMKo devices are aimed at both the public sector and industry. Almost 90 percent of all companies equip their staff with mobile devices so that they can access corporate data from anywhere. However, many companies do not secure mobile data access adequately. If sensitive corporate data falls into the wrong hands this can have serious economic consequences as well as raising personal liability issues.

Mobile networks experience 30,000 attacks a month.
In 2012, Telekom's IT security experts logged 30,000 attacks against mobile networks every month on average, with the preferred means of attack via mobile devices. Hackers are becoming ever more systematic in their methods. Instead of generally watching for the weak points of smartphones and tablets, as was normal in the past, attackers now try to selectively read entire address books via mobile devices with the aim of stealing data or uploading a malware code in order to misuse the devices for their own purposes without being noticed.