How Qualcomm wants to protect itself against thieves … and cops

Are you sure your phone is not cheating on you? Fraudulent cell sites can now be run on small, widely available boxes that transmit bad data and phishing messages, Qualcomm said at its Snapdragon Summit today. Otherwise known as “Stingrays”, these bogus cells can be managed by criminals, law enforcement or security agencies to collect your personal data without your permission.

At its summit, Qualcomm showcased the new anti-identity theft technology built into its X65 modem. This modem is part of its new Snapdragon 8 Gen 1 chipset and will likely be used in the iPhone 14 as well.

The lines are based on an initial connection phase between the telephones and the mobile telephony towers which does not involve any authentication, according to Wired. Mattias Huber, senior software engineer at Qualcomm, says that even if operator authentication eventually kicks in, a lot of mischief can be committed (and data collected) before it does.

The spoofed cells can now run on $ 1,000 boxes readily available in China, and criminals there are using them to trick phone users, send them fake messages and steal money, Huber says. For example, a criminal gang could plant a fake cell on the edge of a small airport. When travelers turn off airplane mode after landing, the phones connect to this cell, which sends them a fake SMS from “their bank” to collect their connection information before handing them over to a “real” cell.

The anti-spoofing technology runs entirely on the modem, never even going out to other parts of the chipset, and it uses heuristics to find what it considers suspicious activity coming from a cell. For example, a cell that tries to downgrade a phone from 4G to 2G and then send an SMS before proper authentication might be suspicious. These cells are then either deprioritized, so that your phone tries to use absolutely any cell before it, or banned altogether.

While previous modems had this technology for connections up to 4G, the X65 extends anti-spoofing to 5G, Huber says.

An evil cell (detected on the right) tries to transmit evil SMS messages (on the left.)

What about the cops?

Stingrays are also commonly used by government security services to keep an eye on people. Huber says they’re frequently found at airports and borders, sucking credentials from phones entering a country. These stingrays are generally more passive – they won’t try to phish you – but that’s not ruled out, especially in spy or anti-dissident scenarios.

Recommended by our editors

Stingrays are commonly used by law enforcement in the United States and do not require a warrant to be used, although a new bill may change that, BuzzFeed reported earlier this year. The bill is blocked in committee.

If the government in question has obtained security keys from local mobile operators, there is little Qualcomm can do, Huber says. The X65’s anti-Stingray technology is based on cells that do not have the authentication keys that bind them to the SIM cards of wireless operators. Criminals with retail units will not get them; a national government’s security service likely will. (Security can also probably just monitor data within an operator’s core network, reducing the need for Stingray.) Local cops? Not sure.

5G anti-spoofing technology also needs to be configured by phone makers, Huber points out. It will be available as an option on the 2022 flagship phones, if the phone makers choose to enable it.

Race to 5G newsletter to get our top mobile tech stories delivered right to your inbox.","first_published_at":"2021-09-30T21:18:21.000000Z","published_at":"2021-09-30T21:18:21.000000Z","last_published_at":"2021-09-30T21:18:03.000000Z","created_at":null,"updated_at":"2021-09-30T21:18:21.000000Z"})" x-show="showEmailSignUp()" class="rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 font-brand mt-8 container-xs">
Do you like what you read ?

Sign up for 5G race newsletter to get our best mobile tech stories straight to your inbox.

This newsletter may contain advertising, offers or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of use and Privacy Policy. You can unsubscribe from newsletters at any time.