		Home GSM Arab World GSM Europe GSM Latin America About Us Vision People GSMA Board Chairman GSMA CEO Executive Management Committee Introduction Executive Management Committee Biographies Regional Interest & Working Groups GSMA Officers GSMA Professional Staff Membership Full Membership Associate Membership Frequently Asked Questions Operator Members Associate Members List About the Infocentre Member Press Releases Networks on Air Success Stories History of GSM & GSMA Careers Vacancies Download GSMA Brochure 2008 Contact Us Technology GSM What is GSM? Glossary of Terms Using GSM GPRS GPRS Class Types GRX Information GPRS Guidelines EDGE 3GSM FAQ's Resources 3G Evolution & HSDPA HSPA About HSPA Networks Devices News Resource Centre Case Studies White Papers Services Voice Messaging Entertainment Location-Based Services M-Commerce User generated content Video Services Services Document Downloads Document Downloads GSM Roaming Roaming Defined How Roaming Works GSM Coverage Maps Coverage Maps on your Mobile EU Roaming Regulation Best Roaming Prices (Europe) Public Policy Bridging the Digital Divide Infrastructure Sharing Competition and the Mobile Sector Gateway Liberalisation Universal Access Emerging Market Handsets Development Fund Micropayments Tax and the Digital Divide East Africa Regulation and the Digital Divide Disaster Relief Economic Benefits of Mobile Licensing For Growth Other resources Spectrum World Radiocommunication Conference 07 Spectrum Harmonisation Alternative Technologies 3G Extension Band 2500-2690MHz 3G/GSM Frequencies IMT-2000 GSM Spectrum Links Position Papers Mobile Content Action against child sexual abuse content Supporting Quotes Mobile Spam Age-sensitive Commercial Content Health & Environment Position Papers FAQ Hearing Aids FAQ Links Mobile Abstracts Health Policy Update GSMA Support for Research Independent Reviews Science Milestones Mobile Lifecycles External Coverage Regulatory Fraud & Security IMEI Database Mobile Application Security GSM Security Algorithms Security Accreditation Scheme Certification Body SAS Auditors For Smart Card Suppliers Accredited Smart Card Plants Smart Card Participation Form Fraud Training About The Programme Why The GSMA Course Modules Upcoming courses Training Partner Contact us Security Advice For Mobile Phone Users Mobile Phone Theft Spam and Mobile Phones Viruses and Mobile Phones Secure Use of Voicemail Services Safe and Secure Evolution to IP Billing Standards What is TAP3? TAP Testing Toolkit Etiquette Media Centre Press Releases 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 1998 1997 Members Press Releases Mobile Business Briefing GSM Statistics Newsletters and Publications Books Document Downloads Events Mobile World Congress Global Mobile Awards Mobile Asia Congress Asia Mobile Awards Mobile Money Transfer Summit Members' Forum Leadership Summit Roamfest Roaming Seminar Series Mobile Innovation Market - Americas Initiatives Mobile Media & Entertainment Programme Pay-Buy-Mobile Number Resolution Service Horizon Series IP Interworking Mobile Money Transfer 3G for All Personal Instant Messaging Bridging the Digital Divide Universal Access Emerging Market Handsets Development Fund Micropayments Tax and the Digital Divide Total Cost of Ownership Regulation and the Digital Divide Disaster Relief Economic Benefits of Mobile Other resources Register for Dotmobi Mobile Innovation Market Open Connectivity


	Public Policy
	Bridging the Digital Divide
	Spectrum
	Mobile Content
	Health & Environment
	Regulatory
	Fraud & Security
	» IMEI Database
	» Mobile Application » Security
	» GSM Security » Algorithms
	» Security » Accreditation » Scheme
	» Fraud Training
	» Security Advice For » Mobile Phone Users

	Evolution to IP
	Billing Standards
	Etiquette

Mobile Application Security

The market share of mobile user equipment with open operating systems is steadily increasing and will continue to grow rapidly in future. Openness offers clear benefits to customers, device manufacturers, software developers and operators as it facilitates the development of rich and compelling applications. However, openness also presents challenges and risks and malicious applications are likely to increase in number and complexity in the future. Therefore, mobile application related security is a key issue for the mobile industry.

GSM Association Mobile Application Security Initiative
The GSM Association identified the need for a more coordinated approach to application security across mobile operating systems to reduce the risk of malware whilst facilitating users and developers. A dedicated project team embarked on an industry initiative to proactively define and promote an effective solution across open OS platforms and operators. From the outset, the focus was on prevention rather than detection and cure and the objective was to use application certification and terminal security policies to create an environment designed to reduce the risk of malware impacting on consumers.

The challenges for the Mobile Application Security Special Project Team (MAS) were many and included the need to:

Proactively protect mobile users from fraud and malicious applications
Assure quality and accountability of mobile applications
Maintain trust in mobile platforms (and avoid similar problems in the Internet world)
Secure existing and future business
Protect operators against costs originating from malicious applications
Facilitate certification processes to reduce barriers for developers
Ensure consistency across different OS platforms and operators.

Findings Published
In the course of its work, MAS defined a set of aligned terminal and certification programme requirements necessary to limit security risks and to support stakeholder needs. The initiative identified gaps in the existing terminal and certification process implementations and presented its key findings and recommendations to GSMA members and other key stakeholders on a confidential basis. A summary report of the MAS output is now available.

What's Next?
Although MAS has concluded its work, much remains to be done to ensure the barriers necessary to reduce the risk of malware are erected. Much of the necessary follow on work is already underway in the Open Mobile Terminal Platform (OMTP) and industry players are strongly encouraged to engage in the ongoing activities to further validate and strengthen the countermeasures already identified.

For further information on the Mobile Application Security project please contact James Moran

GSM World - the world wide web site of the GSM Association.

© GSM Association 2008
GSMA, the GSMA logo and the various logos containing the letters GSM are trade marks of the GSM Association or GSMC Limited

Anti-Trust Policy Statement | Disclaimer | Cookie Policy | Privacy Policy

* GSM customer counter, located on the homepage of GSM World is indicative only, estimated from market data collected by Wireless Intelligence. It is not a precise figure, nor usable for legal purposes