Handset Theft - A Case Study
- 1. Handset Theft - A Case Study
Matias Fernandez Diaz, Regulatory Manager, GSMA LA
James Moran, Security Director GSMA
Restricted - Confidential Information
© GSMA 2011
All GSMA meetings are conducted in full compliance with the GSMA’s anti-trust compliance policy
- 3. CITEL Recommendations
“measures have proven insufficient to combat this illicit industry”
Introduce blacklisting of stolen devices in individual countries
Exchange blacklist data regionally using solutions such as IMEI Database
Raise public awareness of handset theft and the need to buy from reputable sources
States to criminalise IMEI changing or other circumvention of blacklisting
States to better control importation and movement of mobile handsets
Sellers of handsets to only buy and provide for sale those with a secure IMEI
Operators to report instances of IMEI security weakness for investigation
“criminal organizations profiting from this business take advantage
of the absence of information exchange and of blockage at the
international level”
- 4. Why does the Industry need to share IMEI information of stolen devices on a regional basis?
Crime related to handset theft is growing at a high pace in the region.
These issues have high impact due to crime and murder, resulting in government involvement.
Latin American countries committed to act against handset theft in their country but with a regional approach (CITEL- PCC.I/RES. 189).
Some countries have signed bilateral agreements to share stolen IMEI information.
The region needs to avoid fragmentation, and needs commitment from all parties, public and private.
13 Groups of mobile operators signed the Latin American Mobile Operators commit to combat mobile device theft. All operations to be connected by Mar 13
Many regulators and governments have requested GSMA LA support to share stolen IMEI information on a regional basis.
- 6. Handset Theft - The UK Problem
Handset theft considered to be a major social issue with
claims that it constituted 52% of street crime
Handset theft had increased 500% and emergence of
smart phones raised second hand value
Every stolen phone causes misery, possible violence and
psychological and life changing consequences
Onus on industry and governments to work together to
introduce effective countermeasures
Problem not of industry’s making but it was willing to play
its part to help combat theft
Need to work together to combat the problem
- 7. Collaborative Approach to Combat Theft
Handset theft is a challenge but presented industry and
government with an opportunity to show leadership
Local legislation needed to specifically outlaw the
changing of IMEIs, importation of spurious devices, etc.
Improved levels of handset security needed to provide a
more robust IMEI that is less vulnerable to change
Deployment of EIRs by network operators to blacklist
stolen handsets on local networks
Agreement between operators to share data and blacklist
stolen handsets across networks via IMEI Database
- 8. The GSMA IMEI Database
What is the GSMA IMEI DB?
– Centrally located database of valid and stolen handset IMEIs to which operators may connect to upload and download data to control mobile device access on their networks
Why Share Data Nationally/Regionally?
– Isolated EIRs on individual networks are of little use as a deterrent
– Lack of data sharing across networks allows stolen handsets to migrate from one network to another
– Sharing of IMEI data can result in a substantial reduction in handset theft
– Sharing of IMEI data on a national/regional level is the most effective way to combat handset theft
Benefits of Sharing Data?
– National/regional databases allow operators to agree their own blacklisting code of practice to preserve data integrity.
– Volume of data to be uploaded, downloaded and maintained is more manageable
– Data uploaded to a regional database is also placed in a ‘global’ database thereby preserving master database
– The sharing of data on a national/regional level ought to be sufficient to satisfy the requirements of law enforcement agencies, governments, etc.
Why use GSMA IMEI Database?
– Scale – maximize value by sharing with more operators
– Non competitive - operators agree blocking rules
– Free - hosted by GSMA for benefit of all stakeholders
– Flexible - facilitates national and regional data sharing
– Easy - File formats, procedures, tests etc. available
– Stable - in existence since 1996 supported by all EIRs
– Suitable - meets needs of all stakeholders
- 9. Global Black List Ecosystem
[Diagram: Black List Info exchanged with the GSMA IMEI DB (CEIR)]
Black list information reported by operators
Global black list distributed back to operators by GSMA
IMEI database is Central Equipment Identity Register (CEIR)
Effective management requires one global black list
- 10. IMEI Integrity
Need to preserve integrity of IMEI is critical to support the various
uses of the identifier
– IMEI differentiates between genuine and black/grey market devices
– Legitimate IMEI ranges ensure spurious IMEIs can be identified
– IMEI integrity necessary to provide confidence in stolen handset barring
Much progress made by industry to enhance integrity of IMEI
implementations:
– Industry agreed technical security design principles
– IMEI security weakness reporting and correction process established
– Contract in place with third party to proactively report security weaknesses
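
The data-sharing and IMEI-range points of slides 8 to 10, as an added Python example that is not GSMA code and not part of the original deck: an operator register checks a handset's IMEI against the allocated ranges and its blacklist, before and after pulling the shared list. The class and function names, the result labels, the TAC list and the IMEIs are constructed for illustration and do not reflect the GSMA file formats; the IMEI layout assumed is the standard 8-digit TAC, 6-digit serial and Luhn check digit.

```python
# Added illustration: names, TACs and IMEIs are constructed, not GSMA formats.

def luhn_sum(digits: str) -> int:
    """Luhn sum in IMEI layout: digits at odd (0-based) indexes are doubled."""
    total = 0
    for i, ch in enumerate(digits):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total

def make_imei(tac: str, serial: str) -> str:
    """Build TAC (8 digits) + serial (6 digits) + Luhn check digit."""
    body = tac + serial
    return body + str((10 - luhn_sum(body) % 10) % 10)

def luhn_ok(imei: str) -> bool:
    return (len(imei) == 15 and imei.isascii() and imei.isdigit()
            and luhn_sum(imei) % 10 == 0)

class CEIR:
    """Shared register: operators upload stolen IMEIs, download the merged list."""
    def __init__(self):
        self.blacklist = set()
    def upload(self, imeis):
        self.blacklist |= set(imeis)
    def download(self):
        return set(self.blacklist)

class EIR:
    """One operator's register, consulted when a handset tries to attach."""
    def __init__(self, allocated_tacs):
        self.allocated_tacs = set(allocated_tacs)
        self.blacklist = set()
    def check(self, imei: str) -> str:
        if not luhn_ok(imei):
            return "malformed"
        if imei[:8] not in self.allocated_tacs:
            return "spurious"        # TAC outside the legitimate ranges
        return "blocked" if imei in self.blacklist else "allowed"

def demo():
    tacs = {"49015420"}                        # constructed allocation list
    stolen = make_imei("49015420", "323751")
    op_a, op_b, ceir = EIR(tacs), EIR(tacs), CEIR()
    op_a.blacklist.add(stolen)                 # theft reported to operator A only
    isolated = op_b.check(stolen)              # isolated EIR: B knows nothing
    ceir.upload(op_a.blacklist)                # A shares its black list
    op_b.blacklist |= ceir.download()          # B pulls the merged list
    return isolated, op_b.check(stolen)
```
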
- 11. IMEI Security Initiatives
Technical security design principles agreed with
manufacturers
Formal IMEI security weakness reporting and correction
process developed to deal with compromised products
during production life
Proactive identification of IMEI security weaknesses
ensured with launch of outsourced detection service
- 12. IMEI Security Technical Design Principles
1. Uploading, downloading and storage of executable code and
sensitive data
2. Protection of components’ executable code and sensitive data
3. Protection against exchange of data/ software between
devices
4. Protection of executable code and sensitive data from external
attacks
5. Prevention of download of a previous software version
6. Detection of, and response to, unauthorised tampering
7. Software quality measures
8. Hidden menus
9. Prevention of hardware substitution
- 13. IMEI Security Reporting
Recognises dual processes of reporting and resolution of
product weaknesses
Process allows operators to notify GSMA of identified
weaknesses
Process engages with manufacturers and operators
centrally rather than locally
Accelerates cooperation with manufacturers on security
levels
- 15. IMEI Integrity – Significant Progress Made
2010 - 11 number of allegations was 120 – down from 286 in the previous
year - 58% decrease following a 17% decrease the previous year
Hacking tools impact just 6 manufacturers – down from 11 in the previous
year - 45% decrease
Number of hacking tools is just 11 - down from 39 in the previous year - 72%
decrease
Only 6 of the hacking tools are new - other 5 were included in the 39 tools
that emerged the previous year - new tools is down by 85%
83% of compromised device models pertain to just two manufacturers with
whom GSMA is working
120 compromised models relate to just 0.01% of allocated TACs in the last
year!
Significant progress has been made
- 16. Outcomes
IMEI blocking capabilities in place across all networks
Connection established to the IMEI Database to share
data locally and internationally
Manufacturer commitment recruited for improved
security of IMEI implementations
Legislation introduced to combat IMEI reprogramming
Significant public awareness campaigns undertaken to
heighten awareness of blocking capabilities
Dedicated police unit (National Mobile Phone Crime
Unit) established to focus on mobile phone theft
42% reduction in theft levels in first year and steady
decline since
- 17. Success Factors
Co-operative spirit between all stakeholders
Mutual recognition of the need to combat handset theft
Voluntary undertakings avoided need for regulation
Need to focus and target devices - not users
Measures must be consumer friendly
Focus on effective solutions only
– Improved IMEI security
– Supportive legislation
– Blacklisting and not whitelisting
Theft levels and solution effectiveness need to be
measured
- 18. Lessons Learned
Theft is a global problem and requires an international solution to
combat cross border trafficking of devices
National databases result in fragmentation & an incomplete solution
Industry and government must work together and align with
international initiatives and best practice
Focus must be on devices and not negatively impact legitimate users,
circulation of devices and competition
Resources must be focussed on workable and effective measures
Self regulatory initiatives can go beyond what regulation can achieve
Absolute elimination of theft is unachievable but holistic measures
can significantly reduce theft levels
Sufficient technical capabilities exist in global standards and via
GSMA
- 19. Available GSMA Support
Regarded as a trusted knowledge source on handset theft matters
having worked with operators and governments in over 80 countries
Provide IMEI Database functionality free of charge for whitelisting
and blacklisting purposes
Assist network operators with their data sharing initiatives by
facilitating discussions on agreeing the rules and processes in a
memorandum of understanding
Provide IMEI number range data to national authorities that may
require it
Continued work on IMEI security levels
- 21. Thank you for your attention
Any Questions?
James Moran
Security Director
GSM Association
http://www.gsma.com/technicalprojects/fraud-security/
http://www.gsma.com/latinamerica/gsma-latin-america/handset-theft-in-latin-america-the-gsma-imei-database/