ETSI (European Telecommunications Standards Institute) has published a new global standard aimed at improving the security of smartphones and tablets.
The specification, TS 103 732 — also called the “Consumer Mobile Device Protection Profile” — outlines the main security and privacy risks affecting mobile devices and defines measures to mitigate them.
Alex Leadbeater, Cybersecurity Chair at ETSI, commented on the development:
“Following the strong security gains achieved with ETSI EN 303 645 for consumer IoT devices, ETSI has extended its work to protect other consumer devices.
ETSI TS 103 732 delivers a comprehensive approach to securing smartphones and tablets, reducing privacy risks and increasing user confidence that their devices safeguard personal data.”
Key security controls specified include support for cryptography, protection of user data, robust identification and authentication mechanisms, security management practices, privacy safeguards, resistance against physical tampering, secure boot processes, and trusted channels for communication.
ETSI notes the standard is designed to protect the wide range of sensitive information commonly stored on mobile devices — photos and videos, location data, emails and SMS, call logs, passwords for online services, and health or fitness data — by setting baseline security expectations for manufacturers and developers.
The organisation also positions TS 103 732 as a practical framework evaluators can use to assess consumer mobile device security. It is intended to support certification schemes, including those aligned with the European Cybersecurity Act.
ETSI says this publication is the first in a planned series of consumer cybersecurity standards that will be released over the coming 12 to 18 months, aimed at improving security and privacy across a range of everyday devices.
(Photo by Oliur on Unsplash)
Looking to revamp your digital transformation strategy? Discover insights and practical approaches at the Digital Transformation Week virtual event, taking place 30 November – 1 December 2021, and learn strategies to make your digital initiatives more effective.