FAQ – CryptoPhone

General Questions about GSMK Cryptophone Products

What is a CryptoPhone?

CryptoPhones are cellular, desktop or satellite phones that provide security against anyone listening in on your calls and mobile messages. To set up a secure call or communicate by encrypted SMS, both parties need to use a CryptoPhone.

 

What threats does a CryptoPhone protect against?

We designed GSMK CryptoPhones to offer security against anyone who tries to listen into your calls or intercept your SMS, both inside the telephone network and on the air. GSMK CryptoPhones provide end-to-end security so the call or SMS is fully encrypted all the way between the two CryptoPhones involved in a call.

Today`s complex telephone systems make it impossible to predict what path a communication link takes inside the network. Calls and messages are routinely transported over unencrypted directional microwave radio links that are subject to easy interception with simple equipment. In order to save costs, calls are frequently routed through networks or operators that might have dubious security standards. Your whole business confidentiality might get compromised by a single corrupt phone company employee. There exist devices known as “IMSI-Catchers” which allow anyone to listen into mobile phone calls. IMSI-Catchers are readily available on the market and are being used with increasing frequency. All these threats can be eliminated by using the CryptoPhone.

 

 

How do I know that a CryptoPhone is right for me?

When you are operating with sensitive information that could possibly cause danger or damage to you or your clients if compromised, a CryptoPhone is right for you. If you ever have talked on the phone and thought “let’s hope that this call has not been intercepted by someone”, the CryptoPhone is right for you. If you have ever talked about a transaction worth a million Euros or more on the phone, the CryptoPhone is also right for you.

 

What are your typical customers?

Typical customers are corporate executives, lawyers, accountants, bankers, mergers & acquisition specialists, consultants (management, tax, security), journalists, law enforcement officers, government organizations, NGOs, private investigators and other people who simply prefer to communicate in private.

 

So why should I buy a CryptoPhone?

Covering the full spectrum of voice encryption, secure messaging, and mobile device security, GSMK CryptoPhones offer true 360-degree protection and the best cryptographic security available on the market.

GSMK CryptoPhones are very easy to use.

The source code of the firmware is published, meaning it is under constant review by experts for security.

GSMK CryptoPhones have been developed without any government interference and do not provide any third party access to the encrypted communication or key material.

Our products are also affordable, so that communications security does not have to be a luxury. GSMK CryptoPhone secure mobile phones are based on standard hardware, which allows you to buy accessories at normal market prices.

The team that designed and produces GSMK CryptoPhones has spent the better part of fifteen years thinking about it. During this time, we have brainstormed with the top security people around the globe on how to do it right. One thing was clear from the start: The computer code behind the system must be available to the cryptographic/academic community (and to the public at large) to allow flaws and backdoors to be discovered and fixed as fast as possible. There is no other secure cellular, landline, or satellite phone on the market that offers this extremely important feature.

 

Questions about the Interception of GSM Calls

How can my calls be intercepted on the way from the GSM base station to the provider’s network?

Not all GSM providers can afford to have ‘land lines’ connecting their antennas on the street with the switching station and the rest of the telephone network. If you have ever seen a GSM base station antenna mast, you might notice that some of them have little round ‘dishes’, or ‘beamers’ at the side of it. These are the directional antennas for the microwave links that provide the connection to the rest of the network.

Over these links, all calls made in the area are transmitted to a point where they are fed into landlines. These links are very vulnerable, because no encryption is used on most of them. An interceptor can tap into the radio signal, and listen in to many call simultaneously. Commercial equipment for this kind of interception is available on the market at moderate prices. Interception of microwave links is commonly used when targeting a fixed facility, like a competitor’s office building. Attacks on corporations can be quite effective with this method, since there is often a company standard for the network operator of choice, so just one intercepted microwave link could yield all mobile phone calls taking place in the facility.

Nothing more is required than a very small rooftop antenna in the path or vicinity of the microwave link, a wideband receiver and the appropriate channel demultiplexing and recording equipment. Embassies of foreign countries are known to use microwave link interception from their various premises to stay secretly informed on what is happening in their host country. Embassies are usually located near the business and government centers, so this kind of interception has the potential to yield substantial information. Since the antenna radiation patterns of the microwave links contain so called sidelobes, receiption of their signals with sensitive receivers is also possible outside the straight line of the link.

The NSA (National Security Agency, the electronic surveillance intelligence agency of the USA) is also known to have satellite-based microwave link interception capabilities. Since the directional microwave beam does not stop at the receiving antenna, but travels further on in the original direction, it can be intercepted from space with a satellite placed at the appropriate position.

GSMK CryptoPhones protect against this kind of interception.

What is this IMSI-catcher I keep hearing about?

An IMSI-catcher is a device that can be used to determine the electronic identities of all phones in its vicinity. Most IMSI-Catchers also come with the ability to listen into calls directly. The electronic identity consists of the so called International Mobile Subscriber Identity (IMSI), which is associated with your SIM card and the International Mobile Equipment Identifier (IMEI), which is the serial number of your phone. With the IMSI your calls can be easily identified at any point in the telephone network and targeted for interception and traffic analysis. An IMSI-catcher is frequently used if the attacker does not know the telephone number of the victim or wants to illegally intercept calls.

The IMSI-catcher performs a so called man-in-the-middle-attack, putting itself between you and the network. It is essentially a small GSM base station that forces your phone to use it instead of the real network, determines your IMSI, and can then be used to disable or degrade the GSM encryption mode while transmitting your call on to the legitimate network. This mode of operation allows the attacker to directly listen into your calls. He can also disable your phone service and intercept or fake SMS messages to and from your phone.

At this moment we know of many different companies producing IMSI-catcher devices, and the list is growing rapidly. For a company manufacturing GSM test equipment, developing IMSI-catchers is a trivial task. Examples of publicly available IMSI-catcher equipment also include regular laptops that are connected to a small portable ‘femtocell’ base station and running publicly available GSM network simulation software.

Even when IMSI-catchers are used by legitimate law-enforcement agencies, they frequently affect a high number of calls that are not their target. The resulting number of unintended intercepts is called “by-catch” and is frequently used for all sorts investigations, especially popular with tax authorities in some countries.

GSMK CryptoPhones protect against the interception of the call content with an IMSI catcher.

Who are the people that try to listen to my calls?

Telecommunications interception has developed into a major industry in the last decades. Intelligence agencies of all countries routinely try to intercept calls that might yield them political, economic or military information. Several large intelligence agencies, like the NSA together with the british GCHQ run global surveillance networks that work like a big hoover, sucking in huge amounts of telecommunication with a vast worldwide system of antennas, special satellites, undersea and land cable taps, backdoors in switching stations and any other means available. The biggest computer capacities on earth are subsequently used to evaluate the calls, SMS, emails and faxes based on complex sets of criteria, forwarding the ones matching specific criteria to human analysts and database storage.

Today even small countries run their own sprawling listening and monitoring stations. They also try to get access to the big players’ interception capabilities by trading them the access to bases, facilities and interception results. The targets of these listening networks are not very specific. More and more of the capabilities are being used for economic espionage, but of course also to further the more or less noble intentions of the nation states that paid for them. If you think that these systems are only used in rare cases where national security is at stake, you are wrong. Telecommunications surveillance has become a fairly routine method for intelligence agencies and governments to stay informed on anyone who is even remotely capable of interfering with political or business interests. A set of agreements between intelligence agencies makes sure that the local provisions that hinder them to listen to their own people are not of any consequence. If the NSA wants to listen to a US citizen it asks the British GCHQ to do the intercept and then put the results into a shared database used by both agencies.

Other potential listeners work at the various phone companies. All network operators have listening capabilities for the purpose of “network trouble shooting” and “fraud detection”. These capabilities have been used routinely by corrupt phone company employees for their personal gain, selling call data and contents to criminal elements and industry spooks.

Private investigators also routinely and illegally try to get access to calls by a variety of means, for purposes of industrial espionage, business intelligence and economic warfare between competing companies. Big corporations have often have their own capabilities for telecommunications interception, especially in high-risk fields such as oil, minerals, fishery, mergers & aquisition and investment banking, to name just a few.

Law enforcement agencies have in the last years acquired an ever-rising set of capabilities, with ever-shrinking restrictions on their use. In almost all cases of even legitimate lawful interception a significant number of innocent people also got caught in the dragnet of surveillance (so called “by-catch”). Even if state laws would have required the innocent people to be notified, this often does not take place. Legal oversight in most countries is poor at best and routinely circumvented using various pretexts. Trusting that law enforcement agencies use interception carefully and only under strictly warranted circumstances is no longer justified. The number of reports about abusive and excessive use of interception without proper cause and even for minor infractions is raising substantially.

Intercept systems for law enforcement are often designed in such a way as to make it impossible to perform independent reviews on the usage of the surveillance devices. Even simple statistics on the number of interceptions are routinely held secret. The interception technology for law enforcement is also frequently sold by rather dubious companies. Almost all of these manufacturers have strong ties to foreign intelligence agencies. Practically all lawful interception products contain remote maintenance facilities, so it must be assumed that they contain backdoors. Such a backdoor is of course an interesting bargaining chip on the international intelligence bazaar.

“Lawful interception” also means a very different thing from country to country. In a dictatorship or some other less then democratic state, it is frequently “lawful” to intercept anyone at will. The technology for interception is available on the open market and is widely deployed even in the poorest areas of the world. It would be naive to assume that the term “lawful interception” somehow automatically meant that the interception is performed under even the most basic legal oversight.

But GSM calls are encrypted! My provider tells me everything is fine!

First of all, the encryption in GSM is only used to protect the call while it is in the air between the GSM base station and the phone. During its entire route through the telephone network (which may again include wireless links) the call is not protected by encryption anymore.

Secondly, it has been shown over and over again that standard GSM encryption is not good enough to protect your calls. GSM providers claim there is no problem, because a proprietary set of encryption algorithms named A5 is used. They tend to forget to tell you that most varieties of A5 in current use are weak and that experts have proven time and time again that this encryption is by far not sufficient against a determined listener.

There a four modes of A5 encryption currently in use:
• A5/0 means no encryption at all. Even in regular network operation this mode is used from time to time because of technical difficulties or outside interference. In certain countries network operators have been forced to switch back to A5/0 in times of “crisises”. Being between the GSM network and the phone the IMSI-Catcher can also direct telephones to use A5/0. Some network operators switch to A5/0 to save a little bit of bandwith in times of high network usage. The GSM specification requires phones to indicate to the user when crypto is set to A5/0, but there are several phones known not to comply with this requirement.
• A5/1 is the encryption mode used in Europe and other western countries. It is a bit stronger than A5/2, but can still be broken with moderate resources that are available to any private attacker with sufficient determination.
• A5/2 is the encryption mode used in Australia and several other countries worldwide. It has been broken time and again in realtime, on a standard personal computer. See our list of academic papers detailing the vulnerabilities.
• A5/3 is the algorithm that will be introduced for the next generation of networks and phones. It is claimed to be stronger then A5/2, but A5/3, too, has been shown to be broken by leading academic researchers. Plus, of course, even with A5/3 you are still vulnerable to man-in-the-middle-attacks like with an IMSI-catcher and it still your call is encrypted only in the air, not on the telco network. Over the past few years we have seen mathematical breakthroughs reducing the amount of computer-time needed to decode GSM calls. Since the cryptographic algorithms in GSM are currently the most widely used crypto system on earth, it is a very tempting target for cryptographers and mathematicians. GSMK CryptoPhones protect against this kind of interception.

Questions about the Cryptophone Technology

What kind of cryptography and what key length is used in the CryptoPhone?

All CryptoPhone calls are encrypted with 256-bit keys using AES and Twofish as counter mode stream ciphers. For SMS the algorithms are used in CCM-mode. Using both AES and Twofish results in much stronger encryption than using only one algorithm. For the highly unlikely case that a weakness is discovered in one of the algorithms, the use of the second algorithm provides still a sufficient margin of security. The use of the two very strong algorithms is a unique feature of the CryptoPhone. The key used is generated using a 4096-bit Diffie-Hellman shared secret exchange. For CryptoPhone calls a new key exchange is run for every call. For SMS the result of an initial key exchange is stored in the Secure Storage on the phone and used by means of a hash-chain.'

The crypto block diagram is shown below:

What is the voice compression used in the CrypoPhone? How does it sound? Is there a delay?

The basic design of a secure GSM phone is to take the voice from the microphone, digitize it and run it through a compression algorithm, before encrypting it and sending it via a GSM data call to the other party. The compression algorithm is also called a codec and does with voice what mp3 does with music – making sure it takes up less data.

CryptoPhones use two different codecs. The original CryptoPhone code is called CELP, running at 8kHz. The output stream of the codec is 4.8kbit/second, enabling it to be transported over a 9,6kbit GSM data call. The new CryptoPhone codec, first introduced with the G10i+ and now integrated in all current-production GSMK CryptoPhones, is a custom development based on ACELP which provides significantly improved sound quality while reducing the necessary bandwidth usage. The ACELP variant has been specifically optimized for an output bandwidth of only 4 kbit/s, so the complete CryptoPhone stream including all overhead data requires less then 4,8 kbit/s.

The speech and sound quality you can expect is comparable to international phone calls. You should note that the overall speech quality depends on the GSM signal quality, so degradation does happen in low coverage areas. While in unencrypted GSM the sound quality gets bad and you would experience dropouts as the phone moves out of coverage, with the CryptoPhone under the same circumstances the call delay can increase. Simple indicators on the CryptoPhone show GSM signal coverage and call quality / delay.

All calls made with mobile CryptoPhone are subject to a certain delay in the call, as if your call is routed over a satellite link. Most of the call delay originates from the way GSM networks handle the data calls. The CryptoPhone must use the GSM data call instead of the normal voice call mode to ensure a transparent communications channel between the two CryptoPhones. Because the delay is a side-effect of all GSM data calls there is nothing we can do about it. All available GSM encryption products on the market suffer equally from this delay. The CryptoPhone itself introduces comparatively little delay from the voice encoding and encryption. By consequence, GSMK CryptoPhone secure fixed-line phones are not subject to any such mobile network limitations.

So what does the software architecture of the CryptoPhone look like?

I noticed that GSMK CryptoPhone mobile phones are based on Windows Mobile. Isn’t this a security risk?

GSMK CryptoPhone mobile phones run on top of a heavily modified and stripped-down Microsoft Windows Mobile operating system. Windows Mobile provides an affordable and well researched platform that offered sufficient performance for the speech encoding and crypto functions. A Windows Mobile based system was chosen as the first platform for CryptoPhone because it was the only sufficiently fast device allowed us to do software integrity protection in ROM and the stripping of unnecessary functions.

We are continiously evaluating other platforms for CryptoPhone products and will put up announcements of additional platforms in due time. Unfortunatelly there is at this point in time no viable mass-market Linux based phone with sufficient choice of devices form factors, performance, stability, hardware integration and availability on the market, as we of course would prefer a completely auditable source base for our products.

We are aware that there are risks associated with using any Windows platform and we have taken a number of extensive measures to mitigate these risks as best as we could. We removed applications, communication stacks and system parts that are unnecessary for the CryptoPhone’s operation and which may cause potential security problems. Since we introduced our operating system hardening, for every attack that was published against Windows Mobile we could show that we had already identified the threat and disabled the affected components years before in CryptoPhones. While this is no guarantee for the future, we have at least a provable continuous track record in respect to systematically securing mobile devices, which is much more than our competition has to show.

Most important for you as a user is that you should not install third party software on the CryptoPhone to prevent software based attacks on the firmware integrity. Protection against trojan software that is intentionally installed by the user is nearly impossible, so it is your responsibility as a user to prevent that risk. The CryptoPhone firmware update mechanism is cryptographically secured.

What other platforms do you plan to release the CryptoPhone on?

We plan to offer products based on fully auditable hardware platforms. Today, we have created a family of interoperable CryptoPhone products that offer the privilege of secure communication on all relevant networks. We will continue to build on our achievements and introduce support for ever more networks and device platforms. Watch our website for more specific products announcements.

Questions about Published Source

Why is it so important to be able to review this ‘source code’?

The ‘source code’ is the blueprint of how the crypto-phone operates, and computer programmers can read this code. Cryptography/security is a fine art, and one simple error can introduce a serious flaw into the product. Customers of communication security devices have always had to fear not only programming errors, but also so called “back doors”. Such a back door would allow certain people to listen into encrypted calls at all times, for instance by revealing (part of) the cryptographic key during the call.

Introducing a back door into a crypto system does not even require active cooperation of the manufacturer of the equipment. All it takes is one bribed programmer to compromise an entire product.

We prevent this by allowing anyone to review our source code. And even if you do not understand the source code yourself you may find some comfort in the knowing there is a large academic community that likes a challenge, and will try to tackle our product. So any back door or programming error can (and will!) be found by eager students or security enthusiasts. Of course we tried our very best to write the code as well as we know how to. On top of this we have asked some of the world’s leading security consultants to look at critical parts of it. The conclusions of these ongoing evaluations are publicly >accessible. So in theory you would not need to trust us at all, because you could verify everything yourself. This public review process is also the only reliable method for us to make sure that we are the only one paying our developers.

Why are you the only vendor offering the source code for review to anybody?

We can only assume the other vendors have something to hide. They might be afraid of competition and want to protect so called “trade secrets”. The nice thing about our product is that we have no (trade) secrets, and invite everyone to make interoperable products based on the published protocol. We believe in standards that are open for anybody to join – as long as they go and implement their own product and do not steal from our published source.

Some manufacturers of cryptographic equipment, that are also currently in the business of selling secure mobile phones, have a track record of hidden cooperation with intelligence agencies and interested private parties. Some of them are not even using publicly scrutinized and standardized crypto algorithms (like the Diffie-Hellman, SHA256, AES and Twofish that we use), but “proprietary” encryptionmethods that are not available for public evaluation. Several “proprietary” crypto-algorithms that were not subject to public review have been shown to be easily breakable in the past, like the COMP128 algorithm that is in use in many GSM networks for authentication, so the “proprietary crypto” approach has to be regarded as very risky. The CryptoPhone contains only algorithms that are published, well known and thoroughly reviewed by the academic cryptography community.

How can I make sure that the firmware on my CryptoPhone is compiled form the same source that you publish and have reviewed?

We take a number of steps to ensure that you really get the correct firmware. The source code repository for the CryptoPhone is held at a computer that only our trusted developers can make changes to, and that is secured against physical access. If you plan to purchase a larger batch of CryptoPhones, we can arrange for a dedicated procedure that enables you to supervise every production step from the source code you reviewed to the the binary that goes into your batch of phones.

Under what kind of license do you publish the source? Why is it not GPL?

The source is published strictly for the purpose of security review and verification. You are only allowed to compile it to verify the correctness of the CryptoPhone binary and you are required to delete the resulting binaries afterwards. The fact that we publish the source does not imply any right for partial or complete reuse of the source in free or commercial products. You can not further disseminate the source or port it to other platforms without our permission. If you think you discovered a security problem or other bug and want to submit a patch for it, please contact us at security@cryptophone.de.

The CryptoPhone is a commercial product, like PGP is. The development so far took considerable amounts of money and developing the CryptoPhone into the future will cost even more. So while we strongly believe in publishing our source for security review, we will not give it away for free. Maintaining the integrity of the CryptoPhone development and earning the money to further develop it, are two goals that are unfortunately at this point in time incompatible with a GPL license. We will use all legal means to ensure that no one tries to compete with us on the base of our published source. You are perfectly free to develop a compatible product on the base of the published CryptoPhone protocol, but not using our source.

Please read the license agreement for further details.

What is the right procedure to notify you of a security problem with the CryptoPhone?

Please send us an e-mail to security@cryptophone.de with a detailed full description if possible including source snippets and your contact coordinates (PGP encrypted mail preferred, see Contacts page for key). If you prefer to stay anonymous we are fine with that, but please make very sure we can reach you via an e-mail account of your choice.

We will contact you immediately to acknowledge that we received your message and begin checking into the problem at once. You will get a dedicated contact person assigned for the verification process, to make sure there are no glitches in the communication with you. We will in no way interfere with your right to be named as the discoverer of the problem and acknowledge your findings on the security section of our website upon publication. However we kindly ask you to hold publication until we provided a security update to our users, to make sure they are not left out in the cold with a security problem. Our goal is to have a maximum turnaround period of 30 days between reproduction of the problem and publication, depending on severity and impact. We will inform you on the progress of our fixing efforts on a regular and timely basis.

Finders of serious problems will be awarded the CryptoPhone Award for Extreme Cleverness and a present (guess what…).

Questions about Purchase and Usage of Cryptophone Products

Are there any restrictions on the use of the CryptoPhone?

There are no restrictions on using the CryptoPhone for use in the EU, EØS, the US, Australia and Japan. To the best of our knowledge use most of Asia, South America and Africa is also unrestricted. In India and several other countries civilian users might be subject to regstration requirements. Use of the CryptoPhone in Russia and other CIS countries is possibly subject to state licensing with which we can not comply. If in doubt, we strongly recommend you check with a competent lawyer or with the authorities in your country.

We do not ship to companies, organizations and individuals that are on the official EU list of terrorism supporters.

I want to buy a CryptoPhone, but my business partners cannot afford one. What should I do?

To adress this problem we offer a solution not available with any other secure phone product on the marke: A freeware software version of the CryptoPhone that will turn any standard Windows PC (desktop or notebook) in a CryptoPhone-compatible secure phone! This software features the same algorithms and protocols as the CryptoPhone mobile, satellite and desktop phones and thus allows you to make secure calls between your CryptoPhone and anyone owning a windows computer and a modem. After installation of the software, anyone can set up a secure voice connection in no time. Please note that the free CryptoPhone for Windows software is currently on maintenance-mode development and supports only a limited number of modems. A commercial version of CryptoPhone for Windows is available on request for larger projects.

The software is available for download at the CryptoPhone website. For added security, ask your partner to use a dedicated machine for the calls. The only way real security can be achieved is if this dedicated machine is not connected to the Internet, and has no other software installed on it. This will prevent data thieves from hacking the computer, or sending them a virus. Malicious programs are a very common threat these days, so the use a separate computer for the CryptoPhone for Windows software is a prudent security measure.

But of course the best solution is to buy them their own CryptoPhone.

Are there any limitations or drawbacks on using the CryptoPhone for Windows software?

The CryptoPhone for Windows software is completely compatible with the CryptoPhone GSM and contains no time limits or other feature limitations. However, if you use the CryptoPhone for Windows with a landline and a modem and want to call a CryptoPhone GSM you might need to obtain a special data number that can receive modem data calls for the GSM call plan. This is because of a technical limitation present in all GSM networks. Another option is to use an ISDN landline because digital GSM-compatible data calls can be placed from it. Also, please note that as detailed above, CryptoPhone for Windows is a software application that by its nature cannot protect you agains attacks agains the device itself. GSMK CryptoPhone mobile and fixed-line phones are protected against these threats.

I dont use Windows! What about a Mac / Linux / BSD / VMS / RiscOS version of the software?

CryptoPhone is a small operation that needs to carefully consider where to put its resources. We would love to provide the software for at least MacOS X and Linux, but have currently more pressing issues, that mainly revolve around our money-earning products. Porting the codebase to MacOS X and Linux is on our roadmap and will happen, but at the moment we cannot make any promises on timeframes. If you happen to have tested the Windows software in emulation environments under other operating systems, we would love to hear about your experiences.

What is the best way for me to get a CryptoPhone?

You can order your CryptoPhone from Multisys AS in Norway. Please contact us at sales@multisys.no or call us. Click here for contact information.
(If you prefer, our PGP key can be found at the Contacts information page).

Can I return the CryptoPhone after I purchased it and do not like it?

No. All sales are final. Each GSMK CryptoPhone is a Communication Security (COMSEC) device that is configured, packaged and security sealed individually for you and is therefore not subject to the two-week return policy for consumer electronics ordered online. The reason is that once a phone has been in the hands of a customer, we can not sell it to another customer, because there is no economic way to check for all the possible modifications and tampering that could have affected the security of the device. Think of it like the no-returns policy that applies to tailored suits and other similar products. On questions of warranty, see below.

What happens with the data I gave you when I ordered my CryptoPhone?

We strongly believe in knowing as little as possible about our customers. This is why you can not create an “account” at our webshop and why you need to enter the relevant details again for each order. All customer data is only stored in a secure environment that is not accessible from the Internet. Some payment details need to be retained for regulatory and bookkeeping reasons. We will under no circumstances sell or loan customer data to anyone.

I do not want my bank details and / or address associated with the purchase of a CryptoPhone. What can I do?

You may pay cash directly to Multisys AS and pick up your CryptoPhone either from stock or at max five working days after ordering (down-payments may be required). For larger orders we may be able to arrange different logistics based upon customer request. Please contact us at sales@multisys.no. We only accept advance payment by bank transfer. We generally ship within 48 hours after receipt of payment. Smaller orders can also be shipped Cash on Delivery (COD). If you wish to arrange some other form of payment, please contact us at sales@multisys.no .

How do you ship?

For shipping our products we use a few selected international courier services, depending on destination, volume and security parameters. We offer a split shipment option where you can select to have us ship devices from one order to multiple locations. We usually ship within three working days after successful payment processing.

What is the split-shipment option good for?

Split-shipment is a method to set up a secure communications network with multiple partners within a short time. You order the required number of devices with one order, we ship them to the different destinations that you specify. A typical use for this option is for instance when you need to set up a new project team that needs secure communications immediately or if you discover a problem in an existing communication structure that needs to be resolved quickly. Split-shipment is only available with some forms of payment.

How do you make sure that I receive an untampered device?

We use a variety of high-security seals and procedures to help make sure the device arrives at your doorstep as we shipped it. If you want to verify the integrity of the package, please follow the instructions that you can obtain after ordering. Special verification procedures basically require you to send us an e-mail upon reception of the package, but before opening it. You will then immediately receive an e-mail from us with the types and serial-numbers of seals that we used to secure your package as well as pictures of where and how the seals were placed. We may at our discretion also include information on additional hidden security markers used for your package.

We regularly perform anonymous test purchases of the CryptoPhone GSM to verify the integrity of the entire delivery chain. All orders are shipped directly from our secure production facilities without unnecessary delays. If you are ordering via one of our resellers, resellers are required to notify you immediately when the shipment arrives, hand you the fully sealed package and envelope with all seals intact and store both in a secure place until you pick up the CryptoPhone.

What kind of warranty do you offer?

All mobile, satellite and desktop CryptoPhones come with a one-year manufacturer warranty. In the unlikely event that your CryptoPhone needs warranty repairs, please contact us first at support@multisys.no, so we can inform you about the detailed warranty and shipment procedure. Please be aware that certain fees for shipment and security sealing might apply. You must obtain a Return Merchandise Authorization (RMA) number before returning any equipment to us. Return shipments without a confirmed RMA number will be ignored. Please note that the integrated battery of the CryptoPhone is subject to wear and tear and not covered by the warranty.

We do not offer any kind of warranty for the free CryptoPhone for Windows software.

What about firmware updates?

We offer firmware updates for the CryptoPhone, e.g. when additional features become available for your device. Please contact us for details on how to obtain updates for your particular model. Updates generally fall into two categories: security updates and feature updates. Security updates will be made available in the case a security problem has been discovered. Security upgrades are free for download as long as the main firmware version they apply to is supported. Feature upgrades enhance the functionality of the CryptoPhone, and may be sold or offered for free download.