msmobiles.com - Cellular News - Mobile Phone Theft addressed by GSM Association

Mobile Phone Theft addressed by GSM Association
December 17, 2004;
Helping mobile operators to deal with theft.

GSM Association Enhances Operators’ Ability To Address Mobile Phone Theft

The GSM Association (GSMA), the global trade association for the world’s GSM mobile operators, continues its drive to improve operators’ ability to deal with mobile phone theft, through plans to introduce more cost effective Equipment Identity Registers (EIR) - local databases used to blacklist stolen phones.

“The cost to operators today of implementing local stolen phone databases, on a per subscriber basis, is prohibitively high,” said Rob Conway, CEO of the GSM Association. “This has been a significant barrier to implementation for many operators, in many markets of the world. Our members are in need of more cost effective solutions, tailored to the needs of their markets.”

In response, the GSMA has created GSM Technology Services, a venture with iLabs that will offer cost effective EIR solutions together with improved functionality. “Over time we believe we will be able to leverage greater economies of scale to further reduce costs, and therefore improve the viability for more operators to develop their own customised databases,” said Conway.

GSM Technology Services will offer two alternative cost-effective Equipment Identity Register (EIR) solutions, customised to meet mobile operators’ specific market based requirements. The first is an innovative centralised managed EIR service that will significantly lower the initial investment required to implement an EIR system. The second is a newly developed local EIR database solution. Both options are expected to offer substantially reduced set-up costs compared with the offerings currently available on today’s EIR solutions market.

"We are excited to partner with the GSMA for the creation of this new entity" said Mr. Sandeep Reddy, Vice Chairman iLabs group. "It will be our endeavor to develop and take to market highly relevant offerings to the GSM community working closely with the Industry body", Reddy added.

The identities of stolen handsets uploaded to local EIR databases are uploaded to a central database hosted by the GSM Association (the Central Equipment Identity Register or CEIR). The GSMA is also poised to extend and upgrade the functionality and scalability of its central database.

Operators connected to the existing central database will be migrated to the upgraded global database during early 2005. The upgraded database will be able to accept new connections from the second quarter.

The GSMA’s announcement builds on the agreement, reached earlier in 2004 between the Association and leading handset manufacturers on measures to enhance the integrity of handset identities.

The investment in the upgraded global database and greater security of electronic identities underlines the commitment of the industry to the fight against phone theft.

The new database solutions build on a concept developed by the GSM Association in the mid 1990s. Participating operators log the electronic identities of mobiles reported as stolen or lost by their own customers on a database known as an Equipment Identity Register or EIR.

The latest additions to this local database are regularly uploaded to a central database hosted by the GSM Association (the Central Equipment Identity Register or CEIR). While connected to the central database, the operator downloads changes submitted by all other participating networks to create a local copy of the central database. Each time a mobile phone tries to access a participating network, its identity is checked against the operator’s local database: black-listed stolen phones are denied access.

The GSMA and manufacturers, working to achieve the integrity of handset identities – technically known as the IMEI or International Mobile Equipment Identity - have agreed a set of criteria against which handset security can be assessed. Manufacturers who have committed to the delivery of secure handset identities are Alcatel, Enfora, Mitsubishi, Motorola, NEC, Nokia, PalmOne, Panasonic, Philips, Sagem, Samsung, Sanyo, Siemens and Sony Ericsson.

The IMEI was originally introduced, as a unique handset identifier for type approval reasons, so that non-type approved mobile devices could be prevented from connecting to GSM networks. Nowadays, the IMEI is used by networks to identify handsets in order to be able to take measures against the use of stolen equipment and individual handsets whose use can not be tolerated because its performance is detrimental to the operation of the network or interferes with the quality of service experienced by other users. Additionally, the IMEI can be used to allow infrastructure to load appropriate patches and adaptations to overcome inter-working issues.

In acknowledgement of the fact that security is not absolute, the GSMA and the manufacturers have agreed to establish a formal process to centralise the reporting of newly identified IMEI security weaknesses. The overall objective of this initiative is to improve handset security levels during the manufacturing life cycle of current and future products. The GSMA and the manufacturers involved have also committed to investigating additional technical means through which handsets will be rendered useless after theft.

Both sides of industry have also worked closely with the European Commission, European and other governments, and with regulatory bodies, to address this issue over the 18 months.

To learn more click here.

Back to other news index