ETSI releases comprehensive global standard for securing smart phones
Sophia Antipolis. 24 November 2021 – Our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping.
To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released Consumer Mobile Device Protection Profile, ETSI TS 103 732. The specification identifies key security and privacy risks for user data and provides appropriate protection.
“Following the excellent improvement in security achieved with ETSI EN 303 645 for consumer IoT devices, ETSI has been working on securing other consumer devices. ETSI TS 103 732 provides a complete solution to secure smart phones and tablets, minimising privacy risks and maximising user confidence that their smart devices protect their data” says Alex Leadbeater, ETSI cybersecurity chair.
The new ETSI standard specifies security requirements for consumer mobile devices. It ensures the protection of key user data such as photos, videos, user location, emails, SMS, calls, passwords for web services, and fitness related data.
The ETSI specification has a broad coverage of security features including cryptographic support, user data protection, identification and authentication, security management, privacy protection, resistance to physical attack, secure boot, and trusted communication channels.
In addition, ETSI TS 103 732 defines the security assurance requirements based on Common Criteria and it is therefore also suitable for certification initiatives such as the European Cybersecurity Act. The standard was developed to support consumer mobile devices manufacturers to achieve security certification. It also offers a common methodology for evaluators to assess the security of consumer mobile devices.
Comment on this article below or via Twitter @IoTGN