FIX Network has announced a significant achievement towards their goal of securing transactions and private keys on SIM cards. As an innovative joint venture made of leading teams in telecoms, cybersecurity and blockchain, FIX Network will leverage the existing cellular infrastructure by defining and implementing a new blockchain-based security protocol.
According to the announcement, the FIX Network Security Protocol will ensure the security and safety of private keys used by applications on mobile devices, and will provide a trusted environment for protecting a customer’s digital identities and digital assets. A significant innovation by the company is the storage of private keys on the subscriber’s SIM card, and the execution of cryptographic operations on that SIM card using applets. FIX Network emphasized that the private keys are never exposed to the mobile device or to a public network, thus enhancing security of the stored Digital Identities and other digital assets such as cryptocurrencies.
An important component of the FIX Network Security Protocol are policies, which are highly flexible and adaptable rules that allow users to define the usage characteristics of their digital assets and identities, such as how those assets are to be stored, accessed, transacted and recovered. These policies must be adhered to in order to authorize or accomplish a digital transaction. Policy rules will be configured by mobile application provided by FIX Network and third parties, and policies will be stored and secured by blockchain technology.
In the early stages of the FIX Network project, the mobile operators will store these policies on a private blockchain within their own network. However, the company expects that ultimately all policies will be placed on the public FIX Network blockchain and “will provide the appropriate security, decentralization and independent community-driven ledger required to support this critical service of trust.”
Frank Kleinewoerdemann, a cellular security specialist and active contributor to the FIX Network project, said, “The first signing of a Bitcoin message over the air was an exhilarating moment such as when you manage to ride a bicycle for the first time. We can now look forward to delivering the open source development tools and a SIM applet that will have a major impact on the cellular industry and the way that end-users will securely interact with the digital world.”
The company successfully tested the registration of private keys employing seed mnemonics and deterministic public key generation, signed using secp256k1 and the Elliptic Curve Digital Signature Algorithm (ECDSA). A FIX-enabled SIM card supporting advanced hashing algorithms was hosted in a mobile device for signing transactions, with a customized Over-the-Air (OTA) gateway providing secure communications to the SIM card via a cellular network.
Furthermore, FIX Network said that mobile operators will leverage the company’s technology “to provide advanced OTT services such as cryptocurrency wallets, digital identity management, mobile banking and personal data firewalls to their subscribers, providing potentially substantial revenue streams to an industry eagerly seeking new business models.” The FIX Network Security Protocol is also seen as being highly effective in preventing fraud, such as SIM swaps, and will facilitate payment service providers in complying with regulatory directives such as PSD2.
FIX Network said that all of its provided applications will be open-source and will include APIs (Application Program Interfaces) and SDKs (Software Development Kits) in order to increase community engagement, third-party integration and solution standardization. Additionally, this approach will facilitate the rapid development of end-user applications such as crypto wallets, and also accelerate the mass adoption of transformative digital services.
