As part of our work on device authentication, DeviceAtlas Limited (developers of the DeviceAtlas and DeviceAssure solutions) spends time working with the International Telecommunications Union (ITU). Founded in 1865, the ITU assists in the development and coordination of worldwide technical standards and is the oldest global international organisation. Its standards underpin much of the infrastructure that we rely on day to day.
Our work in the ITU started when we were invited to attend a meeting of ITU-D in Geneva in 2018 as subject matter experts. This in turn had developed from being invited to a meeting of the Mobile and Wireless Forum in Vienna in 2017. DeviceAtlas Limited, formerly Afilias Technologies Ltd., has since joined the ITU following approval from the Irish Department of Communications.
For background, the basic organisational structure of the ITU is as follows:
Study Group -> Working Party -> Questions (the basic project unit)
The team of experts working on a question is called a “Rapporteur Group” (subject matter experts, in effect). “Contributions” are made by members to a Study Group.
The overall desired outcome of a Study Group is to decide what recommendations are required, and to then develop these recommendations though a shared consensus approach.
The ITU considers counterfeit devices important enough that it has a Question dedicated to this and related topics. The counterfeit work in the ITU takes place in Study Group 11 (Protocols and Test Specifications) under Question 15, which is tasked with “Combating counterfeit and stolen ICT equipment”. Many of the participants in this group are mobile operators and regulators but other organisations such as the GSMA are also active.
The most recent meeting of the Q15 group took place on March 9th to 13th 2020. We attended remotely due to travel restrictions. The following Work Items were tackled over the course of the meeting.
- Framework for Combating the use of Stolen Mobile Devices (Q.5051)
- Audit interface for blacklisting IMEI (Q.BL-Audit)
- Addressing ICT mobile devices with duplicate unique identifier (Q.DEV_DUI)
- Guidelines on Best Practice and Solutions for Combating Counterfeit ICT Devices (TR-BP_CF)
- Impact of Counterfeit Mobile devices on Quality of Service (TR-CF-QoS)
- Framework on combating counterfeit and stolen mobile devices in African region (TR-FCM)
- Common guidelines for conformity assessment in African Region in order to assist in the combat counterfeit ICT devices (TR-GAA)
- Reliability of IMEI (TR-RLB-IMEI)
We made a contribution to help inform members about IMEI reliability. This topic is central to many of the issues being handled by the rapporteur group since the IMEI is usually considered to be the canonical identifier for a cellular phone. Understanding the failure modes of the IMEI is crucially important in tackling both counterfeit devices and duplicate IMEIs.
Most of the meeting was occupied with incrementally moving forward the the work item documents described above. It’s a slow process—but this is how international standards are built.
Of particular interest to us is to ensure all technical solutions are considered in both detecting counterfeit devices and tackling duplicate IMEIs. In order to tackle these problems in a meaningful way, operators and regulators need solutions that can be deployed quickly and without having to change regulations first.
We will continue to update you here on activities in this area.