Cell phones & co: BSI introduces IT security label for mobile devices

A logo reveals: The manufacturer promises appropriate IT security! This is now also available for cell phones. Thanks to the BSI.

Save to Pocket listen Print view
Box says "IT security label" and contains a URL and a QR code

Unfortunately, the IT security label contains a QR code that attackers like to use to lure users to their websites.

(Image: BSI)

2 min. read

Mobile devices can now display the "IT security mark" from the German Federal Office for Information Security (BSI). The office is expanding its logo program launched in 2021 for indications of IT security promises on smartphones and tablets. The voluntary label is intended to support consumers in their purchasing decisions by enabling them to see at a glance that the manufacturer promises an "appropriate" level of IT security.

Mobile IT devices store and process "a large amount of relevant and sometimes personal data, such as photos, videos, text messages and contacts", says the BSI, explaining the move. Consumers must be able to rely on the fact that their cell phones "have an appropriate level of protection", emphasizes BSI President Claudia Plattner. Manufacturers can now make this transparent via the BSI label.

The adapted Technical Guideline (TR-03180 A) contains the specifications for the label: manufacturers undertake to monitor vulnerabilities, communicate them transparently and rectify them promptly. They should protect device data by an appropriate rights system in which the user has control over relevant sensors and interfaces. This involves the transparent display of assigned access options as well as constantly visible notifications when the microphone, camera or location sensors are in active use. According to the directive, pre-installed apps must communicate securely and not request any unnecessary authorizations.

To obtain an IT security label, the manufacturer must complete an application form and submit it with additional documents. The BSI only carries out a plausibility check on the basis of the documents, without going into any depth. So far, the BSI has awarded 57 such logos , 34 of them for broadband routers, 18 for email services and three for video conferencing systems. In the "smart consumer devices" category introduced in 2022, there has only been one allocation so far.

(ds)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.