WIFI Calling - How secure is it?

Wouldn’t this be more secure than hoping you are connected to a legitimate tower instead of a stingray, ISMI catcher or the like?

I think most phones can turn off cellular and turn on WIFI. You do need the wifi calling though to use it. It allows calls and texts both ways. It works fine for some of the big carriers with the popular device brrands.

Hopefully the L5 or L6 can get this soon.

…and some MVNOs on those big carriers’ networks.

VoWiFi is basically SIP (a widely used VoIP standard) inside of IPSec (a type of VPN, and also a common standard). But I am unsure about the authentication bits, which is why we probably cannot just run SIP over IPSec ourselves. Like all cryptography, everything has to be implemented correctly in order for it to be secure. Also, once the IPSec terminates, presumably safely inside of the carrier’s network (it is not end-to-end encryption), the call can be tapped. In order for a compromised network to decode the traffic, it would need the IPSec secrets, and I am unsure about that part. I think that part of it is kept on the SIM card.

Thanks for the detail. I guess what I mean is when compared to cellular calls. If you do wifi calling with VPN on, it may be secure up to the cell provider endpoint hub where it needs to be decrypted. I am using my imagination here but I think with VPNs that means the end point in the nearest city where your VPN endpoint is.