Aol.|Mail|Click here to return to

Digital Life

Is your phone the next form of identity theft?

For some of us, our cellphones have turned into our always-there personal assistant. They help us keep in touch with friends and family, snap pictures, stay on top of the news, and get the latest scores for our favorite sports teams. This dependency has also come to the attention of hackers, and recently one such hacker has come out to say he found a way to gain access to phones through a simple text message. What does this mean? The data of 750 million users is potentially at risk.

If you're not familiar with a SIM card, it's a small chip that sits inside your phone and allows you to connect to your cellular provider's network. Since they contain your phone's identification and information, it's only natural they have gone through iterations of security improvements. However, a recent New York Times article brought to light the fact that a security researcher figured out a way to gain access to your SIM card. This researcher, Karsten Nohl, has stated he can gain access to SIM cards running on an older encryption standard via a simple SMS (text) message. Once access is gained, Mr. Nohl says that "he was able to send a virus to the SIM card through a text message, which let him eavesdrop on a caller, make purchases through mobile payment systems and even impersonate the phone's owner." During his research, Mr. Nohl tested over 1,000 SIM cards and was able to gain access to just under a quarter of the cards he tested, reports Forbes. Mr. Nohl estimates that roughly 750 million SIM cards are vulnerable to this exploit.

According to Forbes, US based cellular providers Verizon and AT&T have stated they were aware of this research and said that their SIM cards were not at risk. Additionally, Mr. Nohl has already provided data on his two years of research to the GSM Association, the organization that represents the mobile industry. The Times says that the GSM Association has issued a statement saying they have looked over the study, and "passed [it] along to operators and to makers of SIM cards that still relied on the older encryption standard."

In spite of this, the chances of your phone getting hacked this way are pretty low. Even though Mr. Nohl is claiming 750 million devices are at risk, a report from 2012 states there are about 6 billion mobile subscriptions in the world. That means roughly 12.5% of the world's phones are at risk from this security exploit. Given that Mr. Nohl has informed the GSM Association, there will likely be a strong push by them to get all manufactures and providers up to current security regulations. If you do have your original SIM card and happen be on a mobile provider who has relied on SIM cards for more than five years (in the US this is primarily AT&T and T-Mobile), you can always ask for a new SIM card which should bring you up to security encryption standards.

Photo: MIKI Yoshihito