GPRS modems using the GSM network to transmit data has a weak encryption (A5) that can easily be cracked by a computer. Studies show that the A5 encryption algoritm in some cases can be cracked in less than a second by using a PC*.

Furthermore, the GSM/GPRS encryption is only used between the external/mobile unit and the base station, but within the operators own network (i.e. between all base stations) all traffic is transmitted in plain text. Some operators have started offering VPN as an option but in those cases only for the communication link over the Internet, i.e. from your network to the operator's network – not within their own network. Remember that security is never more secure than its weakest link.

Another weakness in GSM/GPRS based communication systems is that modems do not have enough mesures for authentication, which means that an outsider can communicate with a certain modem without being detected as a false node. This enables the outsider to send a false messages or false data right into the system, as well as listening to your private communication and reading your private data.

One of the criterias for using GPRS is its “always-on” feature, but in reality it can be translated to”always vulnerable”.

Cryptango™ Security Module enhances GPRS communication with a very strong extra protection. . Read more...

*)Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication, by Barkan, Biham and Keller