Your SlideShare is downloading. ×

Handset Theft - A Case Study


Published on

Matias Fernandez Diaz, Regulatory Manager, GSMA LA …

Matias Fernandez Diaz, Regulatory Manager, GSMA LA
James Moran, Security Director GSMA

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Handset Theft - A Case Study Matias Fernandez Diaz, Regulatory Manager, GSMA LA James Moran, Security Director GSMARestricted - Confidential Information© GSMA 2011All GSMA meetings are conducted in full compliance with the GSMA’s anti-trust compliance policy
  • 2. Restricted - Confidential Information© GSMA 2011All GSMA meetings are conducted in full compliance with the GSMA’s anti-trust compliance policy
  • 3. CITEL Recommendations “measures have proven insufficient to combat this illicit industry” Introduce blacklisting of stolen devices in individual countries Exchange blacklist data regionally using solutions such as IMEI Database Raise public awareness of handset theft and the need to buy from reputable sources States to criminalise IMEI changing or other circumvention of blacklisting States to better control important and movement of mobile handsets Sellers of handsets to only buy and provide for sale those with a secure IMEI Operators to report instances of IMEI security weakness for investigation “criminal organizations profiting from this business take advantage of the absence of information exchange and of blockage at the international level”© GSMA 2011 3
  • 4. Why does the Industry need to share IMEIinformation of stolen devices on a regional basis? Crime related to handset theft is growing at high pace in the region. These issues have high impact due to crime and murder derived in government involvement. Latin American countries committed to act against handset theft in their country but with a regional approach (CITEL- PCC.I/RES. 189). Some countries have signed bilateral agreements to share stolen IMEI information. Many regulators and governments have The region needs to avoid fragmentation, and requested GSMA LA commitment from all parties, public and private. support to share stolen 13 Groups of mobile operators signed the Latin IMEI information on a American Mobile Operators commit to combat regional basis. mobile device theft. All operations to be connected by Mar 13© GSMA 2011 4
  • 5. Handset Theft in United Kingdom A Case Study© GSMA 2011 5
  • 6. Handset Theft - The UK Problem Handset theft considered to be a major social issue with claims that it constituted 52% of street crime Handset theft had increased 500% and emergence of smart phones raised second hand value Every stolen phone causes misery, possible violence and psychological and life changing consequences Onus on industry and governments to work together to introduce effective countermeasures Problem not of industry’s making but it was willing to play its part to help combat theft Need to work together to combat the problem© GSMA 2011 6
  • 7. Collaborative Approach to Combat Theft Handset theft is a challenge but presented industry and government with an opportunity to show leadership Local legislation needed to specifically outlaw the changing of IMEIs, importation of spurious devices, etc. Improved levels of handset security needed to provide a more robust IMEI that is less vulnerable to change Deployment of EIRs by network operators to blacklist stolen handsets on local networks Agreement between operators to share data and blacklist stolen handsets across networks via IMEI Database© GSMA 2011 7
  • 8. The GSMA IMEI Database What is the GSMA IMEI DB? Benefits of Sharing Data? Centrally located database of valid and National/regional databases allow operators agree their stolen handset IMEIs to which operators own blacklisting code of practice to preserve data integrity. may connect to upload and download Volume of data to be uploaded, downloaded and data to control mobile device access on maintained is more manageable their networks Data uploaded to a regional database is also placed in a ‘global’ database thereby preserving master database Why Share Data Nationally The sharing of data on a national/regional level ought to /Regionally? be sufficient to satisfy the requirements of law enforcement agencies, governments, etc. Isolated EIRs on individual networks are of little use as a deterrent Lack of data sharing across networks Why use GSMA IMEI Database? allows stolen handsets to migrate Scale – maximize value by sharing with more operators from one network to another Non competitive - operators agree blocking rules Sharing of IMEI data can result in a Free - hosted by GSMA for benefit of all stakeholders substantial reduction in handset theft Flexible - facilitates national and regional data sharing Sharing of IMEI data on a Easy - File formats, procedures, tests etc. available national/regional level is most Stable - in existence since 1996 supported by all EIRs effective way to combat handset theft Suitable - meets needs of all stakeholders© GSMA 2011 8
  • 9. Global Black List Ecosystem Black List Info GSMA IMEI DB (CEIR) Black list information reported by operators Global black list distributed back to operators by GSMA IMEI database is Central Equipment Identity Register (CEIR)© GSMA 2011 Effective management requires one global black list 9
  • 10. IMEI Integrity Need to preserve integrity of IMEI is critical to support the various uses of the identifier – IMEI differentiates between genuine and black/grey market devices – Legitimate IMEI ranges ensures spurious IMEIs can be identified – IMEI integrity necessary to provide confidence in stolen handset barring Much progress made by industry to enhance integrity of IMEI implementations: – Industry agreed technical security design principles – IMEI security weakness reporting and correction process established – Contract in place with third party to proactively report security weaknesses© GSMA 2011 10
  • 11. IMEI Security Initiatives Technical security design principles agreed with manufacturers Formal IMEI security weakness reporting and correction process developed to deal with compromised products during production life Proactive identification of IMEI security weaknesses ensured with launch of outsourced detection service© GSMA 2011 11
  • 12. IMEI Security Technical Design Principles 1. Uploading, downloading and storage of executable code and sensitive data 2. Protection of components’ executable code and sensitive data 3. Protection against exchange of data/ software between devices 4. Protection of executable code and sensitive data from external attacks 5. Prevention of download of a previous software version 6. Detection of, and response to, unauthorised tampering 7. Software quality measures 8. Hidden menus 9. Prevention of hardware substitution© GSMA 2011 12
  • 13. IMEI Security Reporting Recognises dual processes of reporting and resolution of product weaknesses Process allows operators to notify GSMA of identified weaknesses Process engages with manufacturers and operators centrally rather than locally Accelerates cooperation with manufacturers on security levels© GSMA 2011 13
  • 14. Supporting Manufacturers© GSMA 2011 14
  • 15. IMEI Integrity – Significant Progress Made 2010 - 11 number of allegations was 120 – down from 286 in the previous year - 58% decrease following a 17% decrease the previous year Hacking tools impact just 6 manufacturers – down from 11 in the previous year - 45% decrease Number of hacking tools is just 11 - down from 39 in the previous year - 72% decrease Only 6 of the hacking tools are new - other 5 were included in the 39 tools that emerged the previous year - new tools is down by 85% 83% of compromised device models pertain to just two manufacturers with whom GSMA is working 120 compromised models relates to just 0.01% of allocated TACs in the last year! Significant progress has been made© GSMA 2011 15
  • 16. Outcomes IMEI blocking capabilities in place across all networks Connection established to the IMEI Database to share data locally and internationally Manufacturer commitment recruited for improved security of IMEI implementations Legislation introduced to combat IMEI reprogramming Significant public awareness campaigns undertaken to heighten awareness of blocking capabilities Dedicated police unit (National Mobile Phone Crime Unit) established to focus on mobile phone theft 42% reduction in theft levels in first year and steady decline since© GSMA 2011 16
  • 17. Success Factors Co-operative spirit between all stakeholders Mutual recognition of the need to combat handset theft Voluntary undertakings avoided need for regulation Need to focus and target devices - not users Measures must be consumer friendly Focus on effective solutions only – Improved IMEI security – Supportive legislation – Blacklisting and not whitelisting Theft levels and solution effectiveness need to be measured© GSMA 2011 17
  • 18. Lessons Learned Theft is a global problem and requires an international solution to combat cross border trafficking of devices National databases result in fragmentation & an incomplete solution Industry and government must work together and align with international initiatives and best practice Focus must be on devices and not negatively impact legitimate users, circulation of devices and competition Resources must be focussed on workable and effective measures Self regulatory initiatives can go beyond what regulation can achieve Absolute elimination of theft is unachievable but holistic measures can significantly reduce theft levels Sufficient technical capabilities exist in global standards and via GSMA© GSMA 2011 18
  • 19. Available GSMA Support Regarded as a trusted knowledge source on handset theft matters having worked with operators and governments in over 80 countries Provide IMEI Database functionality free of charge for whitelisting and blacklisting purposes Assist network operators with their data sharing initiatives by facilitating discussions on agreeing the rules and processes in a memorandum of understanding Provide IMEI number range data to national authorities that may require it Continued work on IMEI security levels© GSMA 2011 19
  • 20. Collective efforts can be effective … they just need to be aligned!© GSMA 2011 20
  • 21. Thank you for your attention Any Questions? James Moran Security Director GSM Association latin-america-the-gsma-imei-database/© GSMA 2011 21