Intercepting Mobile-ID SIM Toolkit Calls On Android
Date
2023
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Tartu Ülikool
Abstract
This thesis investigates the security risk of intercepting Mobile-ID SIM Toolkit calls on Android. The investigation is done by modifying the Android operating system with malware. Through an in-depth analysis of the communication protocol between an Android phone and a SIM card, this study demonstrates that attackers who have gained access to the victim’s phone through illegitimate apps or other exploits with root privileges may be able to remotely control Mobile-ID operations by intercepting SIM card communications. From there on, the system could complete all Mobile-ID transactions surreptitiously and automatically. This thesis aimed to research the security architecture of Android OS concerning Mobile-ID and discuss possible options that a malware creator would have to implement to achieve SIM command intercepting capabilities.
Description
Keywords
Mobiil-ID, SMS, SIM-kaart, Malware, Android