Industry Initiative Offers ‘Security Recommendations’ to Future Proof Mobile Devices

 London, UK, 22 May 2008, OMTP, the mobile operator led organisation today announced its most detailed  set of recommendations to date which will set the baseline for hardware security in mobile devices for the next five to 10 years.
 
The OMTP recommendations are published in the new document “Advanced Trusted Environment” which focuses on the full set of hardware security requirements which will enable new services to be run with confidence. Available now from www.omtp.org, the document discusses security recommendations that if implemented will enable a device to provide better protection for new mobile payment solutions and services, such as pay-per view TV and ensure that security in mobile phones remains one step ahead of exploitation by hackers.
 
The document comes at a time when analysts are predicting that mobile payments and banking will soar. A report, “Mobile Financial Services: Banking & payment markets 2007-2011*” by the telecommunications analyst firm Juniper Research concludes that a rise in mobile transactions will result in just over 612 million mobile phone users generating over $587 billion (£295 billion) worth of financial transactions between 2007-2011.
 
The implementation of the recommendations in the “Advanced Trusted Environment” document will enable mobile services to be securely deployed to customers and takes a big step forward in protecting the customer and service provider from possible hacking attacks and fraud.
 
OMTP participants, including Trango Virtual Processors and VirtualLogix, have already stated conformance to the new recommendations through the OMTP Product Profile process. Any company, regardless of whether they are a member of OMTP, can make a product profile statement which indicates their compliance to the OMTP recommendations (see http://www.omtp.org/ProductProfile/).
 
“All OMTP’s recommendation documents aim to protect the customer and the mobile operator. The new Advanced Trusted Environment recommendations form the secure backbone for forthcoming mobile applications, particularly those that focus on handling sensitive data.” commented Tim Raby, MD OMTP, “With m-commerce predicted to explode, operators need to ensure that their subscribers are ‘invisibly’ protected against potential security threats, so that their mobile transactions can be dealt with in confidence.”
 
"ARM welcomes the publication of the Advanced Trusted Environment which can help protect consumers and the mobile industry from hackers," says Richard Phelan, TrustZone® Product Manager, ARM.  "ARM has been a long term advocate of hardware-backed Trusted Execution Environments.  Our TrustZone processor architecture extensions and software can enable developers to rapidly bring ATE compliant products to market quickly".
 
The TR1 recommendations reaffirm the critical importance of embedded security in mobile platforms, further expanding the already broad adoption. Discretix is proud to have actively contributed to the recommendations, and will continue to support this important effort. – David Deitcher, CTO, Discretix, Inc.
 
"Consumers are now starting to use mobile handsets for services that demand additional levels of security, so OMTP’s Advanced Trusted Environment (TR1) is a welcome development”, said Hervé Sibert, security expert at NXP Semiconductors' mobile & personal business. “NXP's appropriate chip-sets are already compliant with several of the TR1 recommendations and we are committed to a roadmap of full TR1 compliance in line with market and service demands: we believe TR1 offers a security foundation for sensitive services that will significantly enhance the value of the mobile mass-market.”


"We are proud to have been able to work with OMTP on creating a robust security framework that will ensure that mobile users have confidence in their devices and the integrity of their transactions." - Pierre Coulombeau Chief Operating Officer of Trango Virtual Processors.
 
“As a company that has worked with the OMTP organization closely and was the first to submit a product profile conforming to the organization’s Trusted Environment standards in 2006, VirtualLogix recognizes the importance of having standardized and broadly accepted security requirements for the mobile devices ecosystem,” said Mark Milligan, Vice President of Marketing, VirtualLogix. “Delivering the highest level of security needs to be a priority for mobile device developers and virtualization is proving to be a key technology to enabling an advanced level of protection. VirtualLogix looks forward to continuing to support the OMTP as its recommendations are adopted across the industry.”