
USSD secure or not?

I have a question about USSD and security in this channel.

As you know, mobile banking and many payments today use USSD. I want to know: is USSD safe?

If USSD transactions use A5/1 for encryption, it was totally broken a few years ago and can now be captured by a USRP (or HackRF board) and decoded using rainbow tables created for A5/1.

I think these transactions are not really safe, but I want to know more about this protocol and the encryption used for these transactions. I don't know whether USSD codes are encoded with A5/1 or GSM-7... so my question is:

  1. What encryption is used for USSD transactions? Does USSD use GSM voice encryption (A5/1), GSM-7, or something else?
  2. How can we make USSD secure? Is it possible to add additional encryption to transactions, or what do you think about securing USSD codes and transactions?

Thanks all.

jMoshayem asked Aug 05 '14 08:08



1 Answer

In general, there are two levels of security in mobile networks (in this case GSM):

  1. Air interface security
  2. Core network security

The air interface (the radio interface between the MS and the BTS) can be encrypted or unencrypted (depending on the network settings).

https://en.wikipedia.org/wiki/A5/1 
https://en.wikipedia.org/wiki/A5/2

As you can see, both current encryption methods are very weak, especially for financial transactions (compared to acceptable encryption methods for online banking).

The real problem for USSD messages is their MAP/SS7 (SIGTRAN) related messages in the core network. Unfortunately, all USSD messages in a GSM network are transferred as plain text (as part of a MAP message), and all E1 links are easily monitorable.

Using USSD as a transmission layer (when the network lacks a data connection (GPRS, 3G, LTE)) is possible, but an encryption layer is required (and it can be implemented in an Android or iOS app).

Soheil Karshenas answered Oct 18 '22 18:10
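
Added example, not part of the original question or answer: the question mentions GSM-7, which is the keyless 7-bit character packing of 3GPP TS 23.038 used to carry USSD strings, so a packed string is encoded, not encrypted, and unpacks without any secret. The function names and sample strings are constructed for illustration, and only the basic alphabet table is handled.

```python
# GSM 7-bit default alphabet, basic table of 3GPP TS 23.038 (extension table omitted).
GSM7 = (
    "@£$¥èéùìòÇ\nØø\rÅå"
    "Δ_ΦΓΛΩΠΨΣΘΞ\x1bÆæßÉ"
    " !\"#¤%&'()*+,-./"
    "0123456789:;<=>?"
    "¡ABCDEFGHIJKLMNO"
    "PQRSTUVWXYZÄÖÑÜ§"
    "¿abcdefghijklmno"
    "pqrstuvwxyzäöñüà"
)
CR = 0x0D  # carriage return, used as USSD padding


def pack_gsm7(text: str) -> bytes:
    """Pack characters into 7-bit septets, least significant bit first."""
    septets = [GSM7.index(ch) for ch in text]  # ValueError if not in basic table
    if len(septets) % 8 == 7:
        # Seven spare bits would otherwise decode as a trailing '@'.
        septets.append(CR)
    value = sum(s << (7 * i) for i, s in enumerate(septets))
    return value.to_bytes((7 * len(septets) + 7) // 8, "little")


def unpack_gsm7(data: bytes) -> str:
    """Reverse the packing. No key is involved at any point."""
    value = int.from_bytes(data, "little")
    count = len(data) * 8 // 7
    text = "".join(GSM7[(value >> (7 * i)) & 0x7F] for i in range(count))
    if count % 8 == 0 and text.endswith("\r"):
        text = text[:-1]  # drop the padding CR
    return text


if __name__ == "__main__":
    sample = "*123*4321#"  # constructed USSD string
    packed = pack_gsm7(sample)
    print(packed.hex(), "->", unpack_gsm7(packed))
```

Any confidentiality for the payload therefore has to come from the application-level encryption layer the answer describes, applied before the string is handed to USSD.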