C

ell phone operators have defended the security features they use on their networks, saying the fact that the telecommunications industry operates in the public sphere makes it susceptible to interception.

Operators emphasized they could only secure the interior, not the exterior, parts of telecommunications infrastructure.

The safety and privacy of telecommunications is in question following reports that the US National Security Agency (NSA) has helped the Australian Signals Directorate (ASD) to intercept data from PT Indosat (ISAT) and PT Telekomunikasi Selular (Telkomsel).

'€œWe are running on a public network, not a secure network. So we adhere to global standards related to public networks,'€ PT Indosat CEO Alexander Rusli said.

Cell phone operators worldwide follow global telecommunications standards published by international bodies such as the International Telecommunication Union (ITU) and the GSM Association (GSMA), the latter a worldwide association of telecommunications operators.

Alexander added that secure networks, unlike commercial networks, use more advanced technology to ensure better protection against interception. Therefore, secure networks are more common among security and defense agencies, such as the military.

However, adopting this technology on public networks makes the transmission of messages more complex and, therefore, can bog down telecommunications.

'€œWe have to make a choice between ease of use and being fully secure,'€ Alexander said.

Telkomsel vice president for technology and systems, Ivan Cahaya Permana, added that operators could only control the telecommunications infrastructure within their business operations.

'€œTelecommunications networks consist of two parts: non-infrastructure and infrastructure,'€ he said.

Ivan said that non-infrastructure was related to the handsets that subscribers used and the process of handsets sending voice calls and text messages over-the-air (OTA) to base transceiver stations (BTS).

He added that operators had no control over non-infrastructural elements, given that handsets were under the possession of subscribers, and as the transmission of messages from handsets to transceivers occurs in public air space.

Ivan further said that these two elements '€” handsets and over-the-air transmission '€” were highly susceptible to interception.

'€œAll text and voice [messages] sent from handsets are encrypted based on a combination of constants, such as the handsets'€™ IMEI [International Mobile Equipment Identity] and SIM [subscriber identification module] card number,'€ he pointed out.

The IMEI is an identification number unique to every handset.

According to Ivan, although every handset has a unique encryption, malware embedded into handsets unbeknown to owners could collect and send information to third parties.

'€œMeanwhile, over-the-air transmissions could be intercepted using special devices, which could capture and decrypt signals,'€ he added.

However, he added that these devices, available on the black market, had to be situated close to the target in order to intercept a signal.

Meanwhile, Ericsson Indonesia spokesperson Hardyana Syintawati said that once transmissions reached the transceiver, access was restricted.

'€œThe level of access to the radio base stations, such as to review configuration, is set according to the needs of relevant parties,'€ she said.

'€œAny activities to access base stations are recorded to further enhance security,'€ she added.

Ivan further said that once the text or voice message is within the infrastructure belonging to operators, interception could only be undertaken by law enforcers, in accordance with regulations.

'€œHowever, there are procedures to observe. The law enforcer requesting wiretapping has to be of a certain rank and has to forward the legal case under investigation,'€ he said.

'€œInvestigators should also know which number they would like to tap. Investigators and Telkomsel representatives should be present during the initial wiretapping of the device, as well as during wiretapping activities,'€ he added.

PT Indosat acting chief technology officer, Ginandjar Alibasjah, added that the depth of information that investigators could access also depended on which part of the operator'€™s infrastructure they tapped into.

'€œIf they tap into our billing system, they can only see a list of the calls coming in and out. However, they can access conversations if they tap into our core,'€ he noted.