Today our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping. To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released a world class standard called Consumer Mobile Device Protection Profile, ETSI TS 103 732. The specification identifies key security and privacy risks for user data and provides appropriate protection.
The new ETSI standard specifies security requirements for consumer mobile devices. It ensures the protection of key user data such as photos, videos, user location, emails, SMS, calls, passwords for web services, and fitness related data.
The ETSI specification has a broad coverage of security features including cryptographic support, user data protection, identification and authentication, security management, privacy protection, resistance to physical attack, secure boot, and trusted communication channels.
In addition, ETSI TS 103 732 defines the security assurance requirements based on Common Criteria and it is therefore also suitable for certification initiatives such as the European Cybersecurity Act. The standard was developed to support consumer mobile devices manufacturers to achieve security certification. It also offers a common methodology for evaluators to assess the security of consumer mobile devices.