Smart Phone 'Kill Switch' Cuts Crime

Police See iPhone Thefts Decline After Apple Adds Feature
Smart Phone 'Kill Switch' Cuts Crime

Adding a "kill switch" to Apple smart phones has deterred criminals from stealing them, according to U.S. and U.K. law enforcement officials, who say Google and Microsoft have promised to also add the remote disabling feature to forthcoming versions of their mobile operating systems.

See Also: 2016 Annual Worldwide Infrastructure Security Update

"Apple started putting 'Activation Locks' on its iPhones last September, and preliminary crime statistics ... show that in the first five months of 2014, ... thefts of Apple products fell 16 percent in New York City from the same period the previous year, while thefts of Samsung smart phones and others increased a whopping 51 percent," said New York State Attorney General Eric Schneiderman, speaking at a press conference last week with San Francisco District Attorney George Gascon.

In the first six months following Apple releasing its activation lock, iPhone robberies decreased by 24 percent in London and 38 percent in San Francisco, officials reported, while thefts of non-Apple mobile devices increased.

"Almost half of the robberies in New York, San Francisco and London in 2013 involved a mobile device," Schneiderman said. "Smart phones were an attractive target because they're easy to steal, easy to strip of the data, to clean and make as if they were a new phone, and to fence and sell in black markets all over the world, in some cases for twice or three times the price the phone would get in the United States."

A spokeswoman for the London mayor's Office for Policing and Crime wasn't immediately able to confirm or comment on those statistics.

But Schneiderman said that the results demonstrate a "consistent pattern" among criminals - and across three very different geographies - following Apple's introduction of kill switches with iOS 7. Anecdotally, he added, New York City police officers have reported that criminals appear to be actively avoiding stealing recent-model iPhones because they don't want to be left with a "paper weight" with no resale value.

Microsoft, Google Join In

Schneiderman last week also announced that Google and Microsoft will build a "kill switch" into forthcoming versions of their respective Android and Windows Phone mobile device operating systems.

That's a big step forward for the so-called Secure Our Smartphones Initiative, which was launched last year by a consortium of international law enforcement agencies, elected officials - including London mayor Boris Johnson - and consumer advocates.

The initiative, however, has faced some hurdles. Notably, it originally focused on trying to get carriers to build kill switches into their devices. But carriers declined, even after Samsung last year offered to build the feature into its phones.

Defined: Kill Switch

IIn April 2014, however, carriers backed off somewhat, with CTIA, the trade association for the wireless industry, announcing its Smartphone Anti-Theft Voluntary Commitment, through which companies would ensure that their devices could be remotely wiped by an authorized user, rendered inoperable to an unauthorized user - except to dial 911 - and prevented from being reactivated except by an authorized user. The agreement also specifies that users should be able to restore their personal data to the device, from the cloud, if they've forcibly erased it, for example, after it was stolen. The CTIA kill-switch specification doesn't, however, allow people to track stolen devices.

A number of phone manufacturers and carriers - Apple, Asurion, AT&T, Google, HTC, Huawei, LG, Microsoft, Nokia, Samsung, Spring, T-Mobile, U.S. Cellular, Verizon and ZTE - have agreed to comply with the commitment, which covers "new models of smart phones first manufactured after July 2015 for retail sale in the United States."

That timing squares with a deadline set by Minnesota Governor Mark Dayton, who last month signed legislation requiring all new smart phones sold in the state to have a kill-switch feature by July 1, 2015. It also imposed new record-keeping requirements - including maintaining records for three years - for anyone who sells used cell phones.

Other states' legislators are reportedly weighing similar moves, and at the federal level, Sen. Amy Klobuchar, D-Minn., has introduced similar legislation.

Details: Microsoft, Samsung

A spokesman for Google didn't respond to requests for comment about what type of kill switch it would offer, or when the feature would debut.

But Microsoft says it will add the CTIA-defined kill switch feature to its current operating system, meaning devices purchased before July 1, 2015, should also be able to employ it. "The new theft deterrent features will be offered as an update for all phones running Windows Phone 8.0 and newer, though availability is subject to mobile operator and phone manufacturer approval," says Fred Humphries, vice president of U.S. government affairs for Microsoft, in a blog post. A related operating system update will debut before July 2015, he says.

Samsung, meanwhile, introduced a reactivation lock in April 2014, which ties devices to a user's Samsung account credentials. "When reactivation lock is enabled, it activates a special flag set in a secured memory storage area of the device. When active, this flag cannot be disabled by performing a factory reset or Android recover reset," Samsung says. So far, however, only some Verizon Wireless phones are using the feature.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.




Around the Network