“Following the excellent improvement in security achieved with ETSI EN 303 645 for consumer IoT devices, ETSI has been working on securing other consumer devices. ETSI TS 103 732 provides a complete solution to secure smart phones and tablets, minimizing privacy risks and maximizing user confidence that their smart devices protect their data" says Alex Leadbeater, ETSI Cybersecurity Chair.
The new ETSI standard specifies security requirements for consumer mobile devices. It ensures the protection of key user data such as photos, videos, user location, emails, SMS, calls, passwords for web services, and fitness related data.
The ETSI specification has a broad coverage of security features including cryptographic support, user data protection, identification and authentication, security management, privacy protection, resistance to physical attack, secure boot, and trusted communication channels.
In addition, ETSI TS 103 732 defines the security assurance requirements based on Common Criteria and it is therefore also suitable for certification initiatives such as the European Cybersecurity Act. The standard was developed to support consumer mobile devices manufacturers to achieve security certification. It also offers a common methodology for evaluators to assess the security of consumer mobile devices.
ETSI TS 103 732 is the first of a series of ETSI EN 303 645 derivative standards on consumer cyber security that ETSI will be delivering within the next twelve to eighteen months.