Telecoms.com periodically invites third parties to share their views on the industry’s most pressing issues. In this piece Ben Cade, CEO of Trustonic, gives us an overview of the black market in stolen smartphones.

Trafficking of fraudulently obtained and sold-but-not-activated smartphones has been a thorn in mobile network operators’ (MNOs) sides for almost as long as there have been smartphones. This is no surprise – wherever there is value, thieves will follow.

What did send shockwaves through the wider telecoms ecosystem recently, though, was Verizon and the GSM Association (GSMA) exposing the extent of the problem.

The GSMA conservatively estimates that over 4 million prepaid devices are trafficked in the United States each year, at a cost of $900 million. Verizon alone lost $190 million in 2018 – a huge increase from the $115 million that smartphone theft and fraud cost the carrier in 2017.

This criminal activity is occurring at all stages of the device lifecycle. Currently, between 5-25% of smartphone theft is committed during supply chain shipments, and in-store robberies are increasing dramatically. In 2017, Verizon reported a 200% year on year increase in store robberies. This impacts much more than the company’s bottom line, as employees and customers are put at risk of physical danger and fraud. Verizon also estimates that more than 7,000 customers have their identity stolen each month by thieves who use these identities to fraudulently order new smartphones and sell them on the black market.

With the figures and impact laid bare, it becomes clear that resolving this issue must be a priority. To do that, we must review the two solutions used by carriers until now, why they didn’t work, and what that can teach us about how to effectively reduce, and even prevent, smartphone trafficking.

Manual unlock codes

This is the most common approach currently in place, with most carriers leveraging software locks on active devices that prevent them from being used on other MNOs’ networks. This approach is reasonably straightforward to implement, but comes with many downsides.

First, it’s important to note that there are millions of consumers that would like to unlock their smartphone for legitimate reasons once the device finance has been settled. For these customers, receiving and inputting the unlock code manually involves phoning their operator’s customer service helpdesk, confirming their identity (usually through passwords), requesting and writing down the unlock code, attempting to input the code, and, usually, discovering they have made a mistake when either writing down or inputting the code and needing to go through the whole process again. It is time-consuming, error-prone, and deeply frustrating for the consumer, and creates high CARE costs for the mobile operator.

Historically, user and device authentication was a balancing act between customer experience and strong security (although thankfully, new technologies like biometrics are breaking this cycle). The uninitiated would be forgiven for thinking that the poor UX of manual unlock codes must be caused by strong security working in the background. Unfortunately, that’s not the case.

Not only are manual unlock codes open to abuse by unscrupulous carrier employees, which is why they can be bought and sold in black markets on the dark web, but they don’t protect devices until after they have been activated.

And, if the frustrating UX and limited security wasn’t enough, the manual unlock process is expensive to maintain for carriers, requiring large expenditure in contact centre systems and staffing.

Carriers have attempted to improve this process, but with limited results. Verizon, for example, is in the process of implementing a temporary lock period of 60 days to prevent customers from fraudulently switching to another operator. After the 60 day period has elapsed the smartphones can then be unlocked. While this does address the issues around poor user experience, therefore also reducing CARE costs, it still does not protect devices pre-activation.

Kill switches

‘Kill switches’ give consumers the power to deactivate devices remotely if stolen. In areas where this functionality is required by law it has been a successful theft deterrent. The state of California, for example, experienced a 22% decrease in smartphone related thefts within a year of the legislation being enacted.

Despite its successes, many mobile operators remain opposed to kill switches. Carriers have concerns about a negative impact on revenue, and the solution shares an issue with manual unlock codes – a large proportion of smartphone theft happens pre-activation. As kill switches do not remove the incentive for thieves to steal devices in transit, the risk is simply moved from consumers to supply chain employees and revenue is still lost.

So, with legacy solutions insufficient, where do we go from here?

Hardware-based device protection

The most recent development in this space differs from other solutions because it is rooted in device hardware, rather than being purely software based. Lock / unlock technology is embedded into devices during manufacture and does not require consumer activation. This means that the device is protected from the moment it leaves the production line and throughout its lifecycle, resolving a key problem left unanswered by post-activation manual unlock codes and kill switches. This means devices cannot be used if stolen, removing the incentive for fraudsters.

The use of a secure hardware “Root of Trust” means that manual unlock codes are unnecessary, the lock/unlock process is impossible to hack, even if the smartphone is re-flashed, and, crucially, that the mobile operator can lock the smartphone again at any point in the future if a subscriber does not fulfil their contractual obligations.

Already used by two of the world’s largest operators due to the ease with which the solution can be deployed at scale, the process is also smooth and simple at the consumer level. Customers only need to launch the secure, pre-loaded app on the device and press the “request unlock” button. If they meet the carrier’s eligibility criteria (for example if they have been a paying customer for a specific period of time), the phone is then automatically unlocked. The improved user experience is better for carriers’ customer relations and their bottom line, as much less investment in contact centres is required.

Removing the incentive

The combination of embedded hardware protection and software-based kill switches remove the incentive for smartphone trafficking by protecting devices throughout their lifecycle. Until the device is in a consumer’s hands, and even after, carriers can leverage the secure hardware to render devices unusable. The addition of kill switch technology enables consumers to de-activate their own smartphones if they are targeted individually, further reducing the opportunities for smartphone thieves to profit from their criminal activity.

The cost and process efficiencies are further benefits of a solution that is already protecting revenue, individuals throughout the supply chain and consumers from the dangers posed by organized smartphone theft and trafficking rings.

This is a small but significant change in the value chain that could have a huge impact globally – enabling carriers to crack smartphone crime once and for all.

Ben has a proven track record in establishing and scaling businesses. Prior to Trustonic, Ben founded Linaro the Open Source Software venture backed by IBM, Samsung, ARM and other key industry stakeholders. During his tenure at ARM he established and led the Security Division, helped scale the Infrastructure Business Unit from zero revenue to eight figures in under 18 months, and helped establish the ARM M&A and Corporate Venture Capital function. Over his career Ben has worked in major Asian and European blue chip companies as well as at the front line in small and medium enterprises (SMEs) operating globally. His passion lies in taking bold ideas and great people and turning them into businesses. He holds an Executive MBA from the London Business School and a Masters in Engineering from Southampton University.