TIME Smartphones

Phone Makers and Carriers Agree to Add Anti-Theft Kill Switches to Smartphones

Motorola, Microsoft, Nokia, Samsung, HTC and Huawei will join Apple and Google in allowing smartphone customers to deactivate their handsets from afar if they are lost or stolen. If enough people are actually able to do so, it might make thieves think twice

Apple and Google already allow you to remotely lock a lost or stolen phone, but now more phone makers and carriers are joining in with promises to include “kill switches” by July of next year.

The voluntary commitment, outlined by the wireless trade group CTIA, includes four capabilities that all smartphones must include:

1. Remote wipe the authorized user’s data (i.e., erase personal info that is added after purchase such as contacts, photos, emails, etc.) that is on the smartphone in the event it is lost or stolen.

2. Render the smartphone inoperable to an unauthorized user (e.g., locking the smartphone so it cannot be used without a password or PIN), except in accordance with FCC rules for 911 emergency communications, and if available, emergency numbers programmed by the authorized user (e.g., “phone home”).

3. Prevent reactivation without authorized user’s permission (including unauthorized factory reset attempts) to the extent technologically feasible (e.g., locking the smartphone as in 2 above).

4. Reverse the inoperability if the smartphone is recovered by the authorized user and restore user data on the smartphone to the extent feasible (e.g., restored from the cloud).

AT&T, Sprint, T-Mobile and Verizon have all agreed to allow these features on the phones they sell. Apple, Google, HTC, Huawei, Motorola, Microsoft, Nokia and Samsung have signed onto the agreement as well.

The industry hasn’t always been so keen on kill switches. Samsung reportedly tried to offer this anti-theft feature last year, but said that wireless carriers had rejected the idea. At the time, the CTIA said mandatory kill switches could become vulnerable to hackers, who could then disable users’ phones remotely.

It’s unclear why the CTIA has changed its mind now, but the group may be trying placate lawmakers with a voluntary commitment under its own terms. Worth noting is that the commitment doesn’t require phone makers to enable the kill switch by default.

For that reason, some lawmakers such as California state Senator Mark Leno aren’t satisfied. In a statement to Recode, Leno said the kill switch will only deter thieves if they know most smartphones will be rendered useless. (It’s sort of like herd immunity, where even the non-immune are protected as the epidemic stops spreading.)

But there’s a balance to be struck here. Although opt-in kill switches won’t be effective if most users don’t take advantage, mandatory kill switches won’t help if users don’t know about the feature and don’ t know how to use it. Whether it’s opt-in or opt-out, the effectiveness really comes to down implementation.

Apple provides a good model for how the system should work. When users set up their iPhones for the first time, they’re given a prominent option to enable Find My iPhone, so new users should be well aware of the feature. As of iOS 7, Find My iPhone includes an Activation Lock feature that prevents thieves from erasing or reactivating the device. Google has taken similar steps recently with Android Device Manager, which gained a remote lock feature last fall.

The key is for phone makers and carriers to teach users about these features, so they know what to do when their phones are lost or stolen. But that’s a lot trickier to legislate.

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser
Follow

Get every new post delivered to your Inbox.

Join 45,130 other followers