5 things you need to make a secure call

5 Things You Need to Make a Secure Call

a phone with secure calling

If how to protect and make a secure call has been on your mind recently, you're not alone!

If you're going to secure your calls, you need an application or service you can trust.

Today we'll review five things the app and secure call service need to have, which are:

Platform
End to End Encryption
Verification Methods
A Global Presence
Support

Platform

To make secure calls you need to use encryption, which means both sides need to use the same application.  If you want encrypted cell phone communication, you're going to need an app.

iPhone and Android

When choosing your secure call app make sure there's a client for both Android and iPhone.

 

  • Encrypt Your Whole Phone

    While your at it, it doesn't hurt to use cell phone encryption software to protect your whole phone, in case you loose it or it's stolen.

    There are a number of good encryption apps for android or iOS in the app stores!

 

End-to-End Encryption

Encryption keeps your information safe even if someone manages to intercept it. When your talking about privacy, you need end to end encryption. End to End means that your data, voice, and messages are encrypted all the way to the recipient's device. Most apps only encrypt in transit to the server, leaving you vulnerable to the provider (employees), governments, and hackers listening in.

  • a silent icon
    It's like your own cone of silence!

    Your conversation stays as private as it would be if you had it in-person (and in the middle of the woods.) End-to-end encryption means that every syllable is protected each step of the way as it makes its way from your mouth to the recipient.

Verification Methods

Now that your using end to end encryption, you need a way to verify that your encrypted all the way to the other person. Man in the Middle attacks are used to make you think your encrypted all the way to the other end. This method of attack jumps in the middle of you and the other person, accepts your encrypted connection, records your call, then re-encrypts the data back to the other party.

You need a way to verify the encryption is really end to end!

For secure calls, short authentication strings or "SAS codes" are necessary. When using ZRTP, as RokaCom does, each user receives a SAS code on their screen after the call connects. One user says "My SAS code is 12xy" or whatever the code is. The second user hears that code in the first user's voice. Hearing the codes said in their voice, confirms the connection is secure end to end.

How would I know if it wasn't secure end to end?

Simple, the two sas codes would not be the same. One person would say, "I have SAS code xy12" and the other would say, "Wait I have SAS code 76df, we are not secure!"

Simply relying on encryption is not enough. Your method of secure calling needs to have a way to verify each and every call!

Secure call man in the middle attacks
secure calling on mobile what you need to know
Man in the middle attacks make you think your sending encrypted communication, but you're not.

A Global Presence

To make a secure call service effective, the provider needs to have servers around the world! Some secure call services only provide coverage for certain countries or areas, which causes that awful delay heard between speaking. You know this is happening when you think the other side is done and you talk over each other. Then there is the awkward pause after you speak. This is caused by the server your connecting too being to far away from both sides of the call.

Users in different countries:

For example, if your in the United States and you want to call someone in Europe, your server should be close to both of you, the US or Europe, or both. This will reduce the time it takes for the secure call to transit between you.

Users in same country, server in different country:

However, now imagine if both of you are in the United States, but the server your connecting too is in Europe. Your secure call data will have to transit to Europe and back continuously! This will cause a 1 to 2 second delay every time you stop talking.

Make sure your provider has a global server presence close to you. If you're a busy professional who's always on the go, you need to know the service will be available wherever you are!

Support

Free is great, but what happens when the secure call services aren't working? I'm sure that developer of the free app will answer the phone and walk you through your issue.  Seriously, if you are wanting to protect your business calls, pick a service with support.

RokaCom

RokaCom knows what it takes to make a secure call, which is why we've provided all of these features for our customers. We've gone above and beyond the NSA requirements to give you the best in privacy. It's our goal to bring you a reliable secure calling and messaging service that you'll actually want to use.

Even we can't decrypt your calls and messages!

It's so secure, even our staff can't read your messages or listen to your calls! From a major corporation to a state-level government institution to an average citizen, there's a lot of reasons to protect what we know from the wrong people.

Free Trial

If you're interested in trying RokaCom, sign up for a Free Trial.  No payment needed!

About Patrick Stump

The CEO and founder of Roka Com, Patrick has been a key player in both offensive cyber intrusion and security operations with multiple branches and agencies of the United States Government (USG), the military, and commercial industry.

Connect with Patrick on LinkedIn