Secured SMS Receiver System for Android Devices

Abstract

Now-a-days the place of SMSs has been substituted by various chat applications like “Whatsapp”, “Hike” etc. No one uses SMSs that frequently to pass messages from one to another because of the arrival of the free data services and cheap data packs from the ISPs. But SMS still plays a very vital role in our day to day lives and its theft is increasing concerns to secure it. No airline or bank or subscription services send their transaction details through any web application but through SMS. Now, what if these important SMSs could be traced by some malicious person or a machine which is dedicated to do some evil activities? Let us take an example of a normal routine bank transaction, first the details are filed online that are public and anyone can have the access to i.e. the debit card number, the CVV number at the back and the name of the holder. Now in the next step bank sends an OTP i.e. a onetime password which is to be used one per transaction or valid for a certain time span that is very short. This password is sent so as to keep the security system safe and dynamic, but, what if someone is able to read it through an external application? He/she can do a lot of damage to the pocket of the user to which the card belongs. SMS theft is a phenomenon in which all the SMSs that are received or sent through a mobile phone device are stolen by some malicious user or a spy. This in the hacking world is called as information leak attack. In this work we are trying to build a secure environment for the SMS transactions that are being stolen especially from the devices using the open source android operating system. The android operating system is vulnerable obviously because of its open source nature and thus we are trying to build a concept in the form of a sample application to illustrate the vulnerabilities as well as the methods to curb those vulnerabilities.