My take on how Smart Plug n Talk does it.

Hmm, this blog should have been posted December last year, however I was not able to finished it. So here it goes..

December 2008, Smart launched it's Plug 'n Talk service. The premise of the service is to use your Smart SIM to call and send SMS over the Internet without your GSM phone. So how it is done?

Dissecting the service, it has SIM authentication over IP, voice call and SMS. The voice call is VOIP, while the SMS is the same SMS but the medium of transport is IP.

However, to make use of the SIM, like be able to call from PC to Mobile and vice-versa and at the same time get billed from the SIM's load (yes you still need to top-up the SIM to use the service-- it is not free :D ), the SIM should be authenticated and register in the mobile operator's system. To authenticate the SIM without using your mobile device and still be online on the mobile network perspective,the technology EAP-SIM could be playing in this scenario. EAP-SIM is Extensible Authentication Protocol for GSM Subscriber Identity Module.

EAP have been around and used in the other wireless technology, the WiFi for wireless and even for wired system.

Since it connects and authenticates over IP to Operator's GSM network, there should be a gateway between IP to SS7.

The authentication server could be a RADIUS server that authenticates, authorizes and accounts the SIM usage over IP. This is almost the same with the HLR (Home Location Register) of the mobile network.

So how? In GSM network HLR database holds the IMSI and the MSISDN (acronyms used in mobile domain), the mapping of the actual dial-able number and the unique number inside your SIM plus the shared secret key called "ki"and other subscribers information. So when a SIM gets online by powering your mobile phone, it authenticates through the HLR.

In WiFI or in fixed network, the access control is done on controlled port access device. i.e. wifi access points, LAN switches, firewalls or even routers. They are called the authenticator.

While software needs to be installed or configured on the client side. This is called the supplicant (Smart Plug n Talk). Until the client is authenticated, the supplicant can only communicate with the RADIUS Server using the EAP. EAP supports variety of authentication methods including EAP-SIM authentication.

So a RADIUS can be the gateway between IP netwrok to GSM network. This RADIUS server somehow acts as a VLR (Visitor Location Register). So the SIM looks like in roaming mode.

So when inserting the Plug 'n Talk (with SIM) to notebook or desktop, it authenticates back to GSM network of Smart through IP based AAA server (RADIUS) that acts as VLR and gateway. This communication passes through IP, the basic language of the Internet.

So there it is, my take on how possibly Smart is doing it. Don't ask me the details for it is not as easy as you might think. :)

Read more!

My Fourth and my Last, my Retirement Company

The startup bug have bitten me again. This is not due to boredom with my current company but it is a destiny that have started to unfold since 2004. That was the time I read the book "The Alchemist" by Paulo Coelho, a quote in that book really hit me.

"To realize one's destiny is a person's only real obligation. All things are one. And, when you want something, all the universe conspires in helping you to achieve it."


It is another journey for me, a journey that I want to see the destination. I want to retire on my 47th Birthday and travel together with my family.

The universe is conspiring since that day I read the book, but it has a slow start and just started to show some steam just recently. Everything seems falling into place. There will be trials and more trials but I guess I have gone thrice humble with the last three and that I think I deserve a break.

Read more!

Now I'm in Facebook

I registered in Facebook November 2007 but was never active in this Social Networking site until last night. My friend, asked me why I am not his "friend" in facebook if I have an account in facebook. I said never use the site actively. That prompt me to check my account there.

I have several SN site, facebook, friendster, linkedin, multiply, tagged, hi5 etc. So many to keep them up to date. Read more!

Mobile Banking Best Practices

Last year I was invited to talk about Mobile Banking security and best practices. The event was organized and attended by BAIPHIL, a bankers association. The event was well attended and saw familiar faces during the event.

I discussed about using SMS in mobile banking. Although SMS is one great tool to use for Mobile Banking, I displayed that SMS is not quite secure if not properly implemented.

I demonstrated how I managed to change the SMS' originating mobile number to a different number, thus successfully faking a message. The same time, I discussed also the solution for this one. Read more!

Once, Twice a winner

Early this year we won a mobile development challenge. The contest platform is for Ericsson SIP/IMS. It was co-sponsored by Globe Telecoms. We won that contest,Globe 3G Multimedia Challenge

After that event, Globe had sponsored another challenge, this time using their "opened" SMS/MMS API. When I say "opened", it is open to verified developers. You can not just register and grab the API and scrutinize it.


We won again the second challenge,Globe Labs Challenge. We feel the second challenge will be tougher because we have a title to depend and more developers were present during the launch.

Read more!

Dec. 1, 2008, 7:00pm.

If you looked at the sky on this date (night time) you find our celestial neighbors smiling. Yes, the moon and two planets, Jupiter and Venus forming a smiley. The sky is smiling even the hardships we are experiencing in our country. It gives us hope that all these things will come to pass.

I took a snapshot of it, take a look.

Read more!

Testing the Chrome Browser

Ok, ok, I will blog about Chrome.

I tried to resist on making blog on Google's latest but I needed to check it out. Browser war have come and gone and now this new kid on the block just started it again.

I downloaded the installer and for some reason when I ran the installer while my Firefox browser is still active my PC's Internet was suddenly got disconnected. I have to restart the machine.


I already read several comments about Chrome, the style, the color and performance. Just like any other browser that's just started, it has birth pains. Existing plug-ins I have in my Firefox are not by default running or not yet supported. I have to download them all over again.

Just like IM, I already have several browsers installed, Firefox, Safari, IE and now Chrome.

I find Chrome easy to use, lighweight and fast but I'll give it more time and I hope overtime it will not become memory hog just like Firefox.

Read more!