New spec targets mobile phone security

MTM sets standards for storing data securely in mobile devices

Efforts to establish security standards for mobile devices were boosted Tuesday with the release of the Mobile Trusted Module (MTM) specification.

The specification offers a set of standards for mobile phone manufacturers and software developers to store data securely in mobile devices, such as smartphones and wireless PDAs (personal digital assistants).

The standards, issued by the Trusted Computing Group industry association, have been years in development. They are backed by numerous companies, such as Nokia, Samsung Electronics, and France Télécom, which are members of the Trusted Computing Group's Mobile Phone Work Group.

Like the Trusted Platform Module used in PCs, the MTM stores information in a secure area of the device to ensure the device's operating system, applications and data haven't been virtually or physically tampered with. It uses a system of "engines" within the device that report the state of their code so that their "trustworthiness" can be established.

Vendors can determine whether the MTM should be a discrete silicon chip or a system-on-chip implementation.

In addition to helping manufacturers and operators reduce the risk of virus attack and identity theft, the MTM can enable mobile payment and ticketing services.

Further information about the mobile phone security specification is available here

To comment on this article and other InfoWorld content, visit InfoWorld's LinkedIn page, Facebook page and Twitter stream.
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.