L'ETSI publie une norme sur la sécurisation des smartphones

Today the smartphones and tablets are fundamental to citizens and contain a wide range of user data and applications. At the same time, security attacks have multiplied with malicious applications and eavesdropping on networks.

To define security and insurance requirements for smartphones and tablets, mitigate potential risks and protect users, theEuropean Telecommunications Standards Institute (ETSI) has published a standard called: Consumer Mobile Device Protection Profile, ETSI Technical Specification (TS) 103 732. This specification identifies the main security and privacy risks to user data and provides appropriate protection.

"Following the excellent security improvement obtained with ETSI EN 303 645 for consumer IoT devices, ETSI has worked on securing other consumer devices", said Alex Leadbeater, President of ETSI Cybersecurity. “ETSI TS 103 732 provides a complete solution for securing smartphones and tablets, minimizing privacy risks and maximizing user confidence that their smartphones are protecting their data. "

The new ETSI standard specifies security requirements for consumer mobile devices. It provides protection for key user data such as photos, videos, user location, emails, short message service (SMS), calls, passwords for web services and web services. data related to physical fitness.

The ETSI specification covers a wide range of security features including cryptographic support, user data protection, identification and authentication, security management, privacy protection, resistance to physical attacks , secure boot and trusted communication channels.

In addition, ETSI TS 103 732 defines security assurance requirements on the basis of common criteria and is therefore also suitable for certification initiatives such as the European cybersecurity law. The standard was developed to help manufacturers of consumer mobile devices achieve security certification. It also offers a common methodology for assessors to assess the security of consumers' mobile devices.

ETSI TS 103 is the first in a series of ETSI EN 732 derivative standards on consumer cybersecurity that ETSI will deliver over the next 303-645 months.