- Researchers have discovered that the RCS protocol exposes most users to several cyber attacks.
- These risks are said to be mitigated by implementing the protocol with the security perspective in mind.
What is RCS?
RCS, expanded as Rich Communications Services, is a protocol that aims to replace SMS. It enables several services including group chats, videos, and file transfers without additional applications. This protocol was taken over by the GSM Association in February 2008.
RCS has already been launched by various operators, with more operators looking to adopt it.
Understanding the risk associated with RCS
According to security experts, this protocol allows hackers to perform a number of cyberattacks, including the complete take over of the device.
- Android devices are said to be more vulnerable to this attack because Android messages, which is a popular RCS client, does not validate the domains and certificates properly.
- The risks include caller ID spoofing, data interception, and location tracking. These, in turn, can launch other malicious activities, including introducing a new attack vector by lifting RCS configuration file using malicious apps, brute-forcing codes used to validate RCS users, and taking over email accounts using data interception.
“The underlying issue is that the RCS client, including the official Android messaging app, does not properly validate that the server identity matches the one provided by the network during the provisioning phase,” say security researchers at SRLabs.
What can be done?
A number of best practices have been suggested to defend against the risks posed by the RCS technology.
- Authenticate using secure elements and implement strong authentication codes.
- Validate client identity using a number of components.
- Allow connections only to trusted domains and certificates.
- Filter uploaded content and avoid information leakage.