Security Product Analysis Special Topics: People & Security
Black Phone 2
Security oriented Android Phone Primarily designed for security / privacy Uses Android Lollipop 5.1.1
Manufactured by Silent Cirle Target Audience – Enterprise / Business Consists of all basic smartphone features
What is Black Phone 2?
Functions & Features
Umbrella feature Free of bloatware, hooks to carriers, and leaky data Accept and Reject each individual permission for each app Unauthorized access (Physical & Virtual) Silent Phone & Silent Text - Secure exchange of Data Spaces – Compartmentalization of Apps Google Integration Contingency Patching
Functions & Features Umbrella feature New layer of cloud for protection in network security Prevents commands & control callbacks, malware & phishing over any port or protocol Combines a series of granular controls without compromising the overall experience
Google Integration Includes Google's own services, like Drive, Gmail, Photos and Play app store
Functions & Features
Secure exchange of data via Silent Phone & Silent Text Self-destructing text messages on senders and receivers phone
Contingency Patching Silent OS has the world’s fastest vulnerability management. Critical vulnerabilities are patched within 72 hours of detection or reporting, and updates come directly from Silent Circle, with no carrier delays or waiting periods.
Functions & Features Spaces Spaces creates multiple, separate virtual phones on one device, enabling work life and personal life to stay securely compartmentalized. No data is shared between spaces Keep your apps and data secure Customize each space any way you like
Enterprise spaces are set and controlled by the enterprise, not the end user, enabling user satisfaction while reinforcing enterprise security needs and policies
Possible Risks
Physical unauthorized access Google Play Store High percentage of apps contain malware, or social engineering to connect to malware
Permissions threats Ignorance about Versions and Updates Wifii threats Unauthorized Data Mining Internet actions based threats
Risks Addressed / Mitigated
•Umbrella Feature
•Multifactor Authentication
Google Play Store Permission Threats
Permission threats Unauthorized Data mining • Feature to accept and reject each individual permission for each app
Physical unauthorized access
Wifii threats Internet action threats •Built in protection against bloatware, hooks to carriers, and leaky data
Competitors
Security Apps Avast! Mobile Security, 360 Security, AVL , Kaspersky, etc.
BlackBerry PRIV
Comparison Black Phone 2
Blackberry PRIV
ZRTP Encryption
PGP Encryption Military grade privacy (Phantom Encrypted Blackberry)
Lacks encrypted email service
Provides encrypted email service
Limited Communication
Extensive Communication
Not preferred by Service Providers
Preferred by Service Providers
Regulate each app setting individually
Restricted / Pre-set privacy configurations in apps
Aesthetics
Aesthetics (Better Camera‌)
$799
$649
Advantages Vs. Disadvantages • Contingency Patching • Silent Store • Use friendly for both Enterprise & Consumers Blackphone integrates with popular MDM systems ( Citrix, SOTI, etcetera) and the Android for Work Program • Lacks the ability to encrypt emails • Requires a monthly subscription to access all security features • Lacks Government & Military certification • Other disadvantages in comparison to its competitor
Conclusion
No significant bad reviews on its technical aspects and recommended by Times, Forbes, etc. It meets security goals, but certainly not all enterprise needs
Has potential for improvement in future – Blackphone 3 etc. Purchase / usage at the end depends on consumer type
Presented by Walter Diong & Medina Ali
THANK YOU!
Questions & Answers