Mobile industry issues handset-security guidelines

The mobile-phone industry has come up with a set of recommendations for improving handset security.

The Open Mobile Terminal Platform (OMTP) — a group including handset makers and mobile-network operators — has published two documents setting out its recommendations for tightening mobile security over the coming years, as services such as pay-per-view TV and 'm-commerce' arrive on handsets.

As well as looking at how to counter the threat from hackers seeking to exploit stolen, blocked mobiles by reprogramming their ID number, the documents detail enhancements to existing hardware security to ramp up virus and malware protection. They outline a series of tools and mechanisms designed to bolster security processes in areas such as secure data storage (for protecting sensitive data) and trusted execution environments (for sandboxing sensitive software).

Detective superintendent Mick McNally, head of the National Mobile Phone Crime Unit, said in a statement: "Technology is increasing at an incredible rate. We need to ensure that the incentives for people to steal mobile phones are taken away."

The two documents, entitled Advanced Trusted Environment: OMTP TR1 and Security Threats on Embedded Consumer Devices, can be downloaded from the OMTP website.