The short answer
A DMA Air-Gap is a hardware security architecture that galvanically isolates the audio path of a voice device from its host phone or computer. Speech is captured, encrypted and decrypted entirely inside a separate secure enclave, so the host operating system — and any spyware controlling it through Direct Memory Access — never handles plaintext audio. Only ciphertext ever crosses to the phone.
The term names an architectural answer to an architectural problem. Every secure-messaging app on a smartphone inherits the smartphone's microphone, and that microphone belongs to the operating system, not to the app. A DMA Air-Gap moves the microphone — and the cryptography — out of the phone entirely. BCrypto coined the term for its patent-pending implementation, but the engineering problem it addresses is general, and this article explains that problem first.
Why software encryption cannot protect a smartphone microphone
Direct Memory Access (DMA) is the mechanism modern computers use to move data between peripherals and RAM without involving the CPU in every transfer. When you speak into a smartphone, the audio codec streams your voice through DMA into buffers managed by the operating system kernel. Any app — Signal, WhatsApp, or a bespoke encrypted dialler — receives a copy of that audio from the OS and only then encrypts it. The plaintext existed first, in memory the OS controls. End-to-end encryption protects the network path; it cannot protect the capture point.
This is not a theoretical gap. In August 2016, Citizen Lab documented how NSO Group's Pegasus spyware, delivered to the iPhone of Emirati human rights defender Ahmed Mansoor through a chain of zero-day exploits, was built to use the phone's microphone and camera to monitor activity around the device [1]. Amnesty International's Forensic Methodology Report of 18 July 2021 traced Pegasus infections on iOS and Android devices from 2014 up to July 2021, including zero-click attacks — observed since May 2018 — that compromise a fully patched phone with no user interaction at all [2].
The scale is documented too. Scanning the internet between August 2016 and August 2018, Citizen Lab found 1,091 IP addresses matching Pegasus infrastructure and identified suspected Pegasus operations in 45 countries, run by 36 distinct operators [3]. On 15 June 2023, the European Parliament — after a year-long inquiry — adopted its spyware recommendation by 411 votes to 97, concluding that illicit spyware use had put "democracy itself at stake" and issuing targeted recommendations to five member states [4]. Against an adversary with kernel-level access, the encryption app is simply bypassed: the voice is taken before encryption happens.
What galvanic isolation means
Galvanic isolation is an electrical engineering term: two circuits are galvanically isolated when no direct conductive path connects them, so current cannot flow from one to the other. Signals cross only through deliberate, controlled barriers. Applied to voice security, it means the microphone is not a peripheral of the phone at all. In a DMA air-gapped design, a dedicated microphone is wired exclusively into a separate secure processor. It does not sit on the host's memory bus, so the host cannot address it, map it, or configure DMA transfers from it — there is physically nothing for spyware on the phone to redirect.
Note the difference from a classic network air-gap, where a computer is protected by disconnecting it from networks. A DMA Air-Gap disconnects nothing: calls still flow through the phone and the internet. What it isolates is the transduction point — the place where sound becomes data. Everything the host phone ever sees is ciphertext, and the phone is demoted, by design, to an untrusted transport pipe.
Three architectures for confidential voice
An app on a phone is the baseline. Modern secure messengers use strong transport cryptography and cost nothing in hardware. But their trusted computing base is the entire phone: the kernel, the drivers, the baseband, every path to privilege escalation. Against network interception they are effective; against the documented spyware class above, they fail silently, because the microphone is captured upstream of them [1][2].
A dedicated secure phone — a hardened handset with a custom OS — shrinks the attack surface. Yet the microphone still hangs off the main SoC of a general-purpose smartphone, the operating system remains a large, moving target for the exploit market, and the user must carry and explain a second, conspicuous device.
A hardware-isolated voice peripheral — the DMA Air-Gap class — keeps the user's own phone but stops trusting it. Microphone, encryption and decryption live in an external secure element; the phone routes ciphertext. A fully compromised phone can still block, delay or drop calls, and can observe that calls take place — but it cannot read their content. The trade-off is dedicated hardware, and a set of limits that any honest vendor should state plainly.
What a DMA Air-Gap does not protect
The other end of the call. If your counterpart speaks on an ordinary smartphone, their capture point is unprotected, and the conversation's confidentiality collapses to the weakest endpoint. Hardware isolation only helps the endpoints that have it.
Metadata. The host phone and the network still see that traffic happened: when, how long, over which connection. Galvanic isolation hides content, not the existence of communication. Traffic-analysis resistance is a separate discipline with separate tools.
The screen and the room. Anything displayed on the host phone's screen is visible to the host, so a compromised phone can capture what it renders. And no air-gap changes acoustics: the phone's own microphone, a laptop or a smart speaker in the same room can still record your voice out of the air if their platforms are compromised. A DMA Air-Gap secures the call path — not the room you speak in, and not a coerced or careless human at either end.
How Q-Audion implements the DMA Air-Gap
Q-Audion, built by BCrypto in Torino, is a hardware-encrypted voice system: an encrypted earbud working with Android, iOS and desktop apps, a sovereign server and a post-quantum VPN. Its DMA Air-Gap is the architecture described above, implemented literally: a dedicated MEMS microphone sits inside the secure enclave, galvanically isolated from the host phone, so the host operating system is never in the audio path. The firmware runs in a TEE based on ARM TrustZone-M.
Key establishment uses ML-KEM-1024, the highest parameter set of NIST FIPS 203 — the post-quantum key-encapsulation standard published on 13 August 2024 [5] — executed in a hardware crypto accelerator, with AES-256-GCM protecting the voice stream. The post-quantum choice addresses harvest-now-decrypt-later: recorded ciphertext should stay unreadable even against a future quantum adversary. On-device TinyML provides anti-deepfake analysis of the incoming voice. The system is BYOD — it works with the phone you already carry — and the supply chain is EU-designed.
Status, stated plainly: the DMA Air-Gap is patent-pending, with three patents filed at UIBM in 2026. Q-Audion is at TRL 6 — firmware feature-complete, with known-answer-test-gated cross-platform CI — and holds no certifications yet: no FIPS 140-3, no Common Criteria, no national-agency approval. The definition in this article describes an architecture; certification of its implementation is a separate, ongoing burden of proof.
Frequently asked questions
Is a DMA Air-Gap the same as a network air-gap? No. A network air-gap protects a system by disconnecting it from networks. A DMA Air-Gap keeps the connection: it galvanically isolates the microphone and the cryptography from the connected host, so the host carries only ciphertext.
What exactly is DMA, and why does it matter for voice? Direct Memory Access lets peripherals such as the audio codec write data straight into RAM without the CPU handling every sample. It is efficient — and it means your voice lands in operating-system-controlled memory as plaintext before any app can encrypt it. Kernel-level spyware reads it there [1][2].
Does a DMA Air-Gap make interception impossible? No architecture does. It removes the host phone from the trusted path, which defeats the documented smartphone-spyware capture model. It does not protect an unprotected far end, does not hide call metadata, and does not stop acoustic capture by other devices in the room.
Why post-quantum cryptography for a voice product? Because intercepted ciphertext can be stored today and decrypted later — harvest now, decrypt later. ML-KEM, standardized by NIST as FIPS 203 on 13 August 2024, is designed to resist quantum attack; ML-KEM-1024 is its most conservative parameter set [5].
Is Q-Audion's DMA Air-Gap certified by a government body? Not yet. The architecture is patent-pending (three UIBM filings, 2026) and the product is at TRL 6 with KAT-gated CI. No FIPS 140-3, Common Criteria or national approvals exist today, and no such claim should be inferred from this article.