Trustonic Asset Lifecycle Protection an Indication of Future Growth in Remote Device Management


By Michela Menting | 4Q 2019 | IN-5693


Embedding Security

NEWS


Trustonic recently announced a new anti-fraud/anti-theft solution: Asset Lifecycle Protection Service (ALPS). The aim is to protect mobile devices (and smartphones in particular) against various threats to the network operators and other players in the mobile device ecosystem, notably profit erosion caused by device trafficking and fraud, as well as protection when devices are sold but not activated (SBNA) and those that are activated but not used (ABNU).

ALPS provides various tools to that effect, including remote locking and unlocking functions for the SIM and for the device itself. This is done by embedding ALPS capabilities at the point of manufacture. Trustonic leverages the Trusted Execution Environment (TEE) on the smartphone’s chipset to do this, binding the device’s IMEI cryptographically, and exchanging the keys with the OEM in the factory. The keys received by Trustonic are then encrypted into the Trustonic ALPS cloud. The ALPS device endorsement service can later be accessed by the operator with their own set of received keys to verify the integrity and security of the device.

Applications Beyond Mobile

IMPACT


Currently, Trustonic’s TEE is embedded into more than 2 billion devices globally, with ALPS deployments on almost 100 million smartphones at two of the top three North American operators. The impact is not insignificant. Trustonic has been working for the past seven years with smartphone OEMs in an effort to integrate with device production facilities and enable its solution to be embedded into new devices. But what is really innovative in the solution is that it will not only allow operators to cut cellular service, but also to lock down the whole device, so that a user cannot actually access any part of the operating system or mobile applications. This makes the phones completely unusable in any scenario. Trustonic hopes that this will help to significantly cut down incentives for fraud and theft.

But beyond smartphones, the implications for the broader IoT are interesting. There are any number of scenarios where remote device locking could be of interest to service providers, especially in the emerging sharing economy. GlobalPlatform, the standards body behind the TEE, has made available a version for the IoT. As such, TEEs are likely to be leveraged across industries in a range of applications, from automotive and industrial to medical and consumer-based. This can be seen in the latest range of IoT microcontrollers from companies like Renesas, STMicroelectronics, NXP, Microchip, and Cypress, which prominently feature TEEs (and notably Arm’s TrustZone). This is in large part because Arm’s latest Cortex-M cores for the IoT (the M23, M33 and M35P) allow for usage of TrustZone technology.

For device OEMs (and not just smartphone OEMs), and IoT service providers, one can imagine that the possibility of locking down a device (for non-payment of services, or due to fraud or theft), is an enticing feature. The opportunities provided by a solution such as ALPS appear lucrative indeed.

Lifecycle Management

RECOMMENDATIONS


The future of mobile and IoT is increasingly tied to the prospects afforded by device lifecycle management. And not just from a security perspective. The ability to manage a device until end of life (or service) is appealing to both users and providers (whether these are OEMs or operators). It means that providers can create new business models (beyond billing) to offer users: real-time based usage insurance, analytics, monitoring, cloud connectivity and storage, re-provisioning, data protection, key management, revenue protection, etc. The possibilities are broad, and as devices become smarter and intelligence moves closer to the edge, solutions like ALPS, but also more complete device lifecycle management services, can be connected directly to the end device. Critically, providers need to understand that many such services hinge on the ability to securely connect to the device, and the most secure way of creating that trusted link is by leveraging secure hardware and developing secure software. Technologies such as Trustonic’s TEE and ALPS service play a key role in enabling these functionalities, and providers should ensure they are focused on security by design in order to successfully create and sell trusted devices and services.

 
