Hi Ty,
On Tue, Feb 07, 2012 at 03:18:46PM +0300, ty wrote:
I work for one of the leading mcommerce providers in the country as a security analyst and from the architectures, yes all the transactions take place via secure channels. However, my concern has always been after the transaction leaves the application and is handed over to the USSD gateway for the MNO, is it possible at an SS7 layer to intercept the said traffic?
There is nothing specific to USSD here. It's a MAP transaction, encapsulated in TCAP+SCCP+MTP3 or any of the SIGTRAN variants. So the question is basically a general question on SS7/SCCP security, and thus off-topic on this list, which is about OsmocomBB baseband development and not core network technology.
I haven't seen any research into how USSD can be intercepted OTA just like GSM voice calls have been intercepted.
USSD is transported on a signallign channel like SMS or call control. Thre is no difference in terms of intercepting or MITM from voice/SMS.
Regards, Harald