In a not-so-distant past time, SMS was the primary form of communication. On flip phones, where you would have to rapidly press a key to type ‘R,’ texting was something that few people thought much about. Since cybersecurity wasn’t that big of a topic in the 90s, 00s, and early 2010s, the general public didn’t question if texting was a safe form of communication. Since there wasn’t any reason to question the safety of texting. There was no reason to stop using SMS as the primary means of communication.
As technology advanced and we started using other ways to connect with people, like social media networks and dedicated messaging applications, we began to phase out SMS. Even though we’ve started to phase it out, there were still two trillion SMS messages sent in 2020 in the US. Each one of those is unencrypted and easily interceptable by potentially malicious intruders. Find out why you should stop using SMS and why it could be dangerous.
- How to Make Signal Your Primary SMS App
- What Is a Cybercriminal?
- Security Settings to Keep Your Android Device Safe
- WhatsApp: How to Prevent Your Account From Being Stolen
What Does SMS Really Mean?
SMS stands for short message service (or just texting for short), the first sent in 1992 over the Vodafone network. Every mobile phone operator supports SMS, just as they support phone calls. For decades, texting and calling were the two primary forms of mobile communication. Its universality and the fact that anyone could talk to anyone since all mobile phone networks support SMS meant that the world could globalize rapidly and become truly interconnected.
Your phone constantly sends and receives information, even if you’re not actively on a call or texting. This is because it’s always connected to a nearby cell tower, so you can receive any communication when it arrives. Suppose you saw old movies of telephone operators redirecting calls in a central control hub. In that case, that’s basically what cellphone towers are doing for your texts.
That’s great for quickly receiving texts, but what about safety and privacy? Is it possible for someone to intercept these messages? We’ve seen the typical movie trope of government agencies tracking peoples’ whereabouts when they’re on a call, but is something similar possible with SMS? What we can say is that SMS texts are extremely unprotected and vulnerable.
Why Should You Stop Using SMS?
Cybersecurity is a relatively recent topic (at least in the public eye) due to increased breaches, hacks, and leaks in digital institutions. Snowden and his NSA whistleblower leaks revealed to the public how much information gets passed around through our primary means of communication. The thing about SMS is that it’s almost entirely unencrypted. Other messaging services like Whatsapp, Telegram, or other dedicated services encrypt every single message, meaning attackers have to crack each key to access any information.
You might think that that isn’t much of an issue. If you do use SMS, then maybe it’s only in a limited fashion, like asking your friend what they want for dinner. However, you might send pictures, videos, or other information like bank numbers, emails, etc., via SMS. Or, consider this scenario. A hacker has targeted you either via a phishing scam or by brute forcing your easy-to-crack password on a particular service. They managed to get your mobile bank app details but need your two-factor authentication code for unlimited access. Banks still use SMS to send these codes, meaning that technically, the hacker could intercept this code, enter your bank app, and steal all of your money.
Hackers use SS7 (Signaling System No. 7) network flaws to intercept calls and texts. What SS7 does is allow phone networks to communicate with each other and connect customers across the network. These intruders could include foreign governments, malicious agencies, individuals, or criminal groups. However, the technology is old, and we’ve known about certain flaws and vulnerabilities since at least 2008. Despite consistent high-profile breaches, however, SS7 and its flaws persist.
There are many reasons why you should stop using SMS, but what else are we supposed to use? It’s not the public’s fault that institutions still use SMS to send vital information. What alternatives exist?
Are the Alternatives Better?
First and foremost, you could use dedicated messaging applications to talk with coworkers, family members, friends, and others worldwide. This would at least ensure that your messages are encrypted and more difficult to intercept. Apart from that, there are two SMS alternatives out there:
iMessage is Apple’s proprietary text messaging protocol and is the company’s solution to unprotected messages. iMessage is an internet-based alternative to SMS, which relies on cellular data and WiFi rather than connecting directly to cell towers. The caveat is that it’s only secure and reliable when communicating with other iMessage-enabled devices. Your text messages are only secure if you’re an Apple user communicating with another.
There’s absolutely no reason Apple can’t also allow Android devices to access iMessage. For a long, experts and authorities have urged the company to make iMessage universal, yet Apple remains defiant. This is probably due to marketing reasons. You may have seen memes about sending a text to someone and it delivering green instead of the trademark iMessage blue – that feels like more of a marketing ploy than blissful ignorance.
So with iMessage, encryption means nothing if you have a different device (and Android has an approximate 70% share of the global mobile device market).
RCS (Rich Communication Services) is similar to iMessage in that it’s an open communication protocol but implemented by other smartphone providers like Google. Although the company didn’t develop RCS, it advocates for the protocol.
RCS isn’t encrypted by default, but Google’s worked to develop it and created its end-to-end encryption for those who use Android devices. It’s important to note that Google has repeatedly asked Apple to use RCS or at least implement some level of cross-platform compatibility, but the latter continues to refuse. Therefore, this makes RCS as inefficient as iMessage for those using it to send texts to iMessage users.
It’s unfair that consumers have to bear the brunt of corporations’ actions. The public wants a way to communicate with each other globally without having to worry about if their life is going to get ruined by some hacker. In an ideal world, Apple and Google would collaborate to create a single open communication protocol that could work with all platforms. Until then, the only workaround is to use messaging applications with end-to-end encryption and hope that no hackers can access our two-factor authentication codes.