"The encrypted SIM cards will allow secure interaction over email and SMS from a cell phone."
Because we don't already have secure interaction over email today?
SMS is only useful for one time pass-codes that expire very quickly.
Using existing 3G handsets and HTTP / HTML they can already do secure banking over the 3G network.
All they are going to do is slow it down by a factor of 5,000 --- Just like a lot of 'production ready(tm) enterprise solutions(tm)'.
Seriously, think about it.
We solved this problem.
Lets solve it again --- and make it worse.
How does this help... anybody?
Communication over email and SMS using cell phones is widespread in India given the mobile penetration. The Indian government is planning to come up with guidelines to issue encrypted SIM cards with digital signatures unique to an individual or company.
The encrypted SIM cards will allow secure interaction over email and SMS from a cell phone. Phone banking has picked up in India and the enterprises make use of emails that they would prefer secure to avoid any breach of security. Digital certificates for SIM cards in such use-cases will be helpful.
The encrypted SIM cards will be a proxy SIM card issued. N Vijayaditya, Controller of Certifying Authority talking about the project said, “To make India’s future in mobile banking and mobile transactions secure, we are recommending the certification of proxy SIM cards with digital certificates, which can be inserted on top of regular SIM cards. These will enable the signatures with emails and even SMSes sent via mobile phones.”
According to Murali Venkatesan, an enterprise specialist at Sify, a regular 160 character SMS is about 40-50 bytes of data however, digitally certified SMS would be around 256KB. Bigger size, more the cost per message but given the ease of use of mobile phones, the enterprises might consider the option. Banks and government tenders use encrypted keys for transactions over the computer, a proxy SIM card will be a hassle to manage for the end user.
