Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why a smartphone 'kill switch' won't stop phone theft

Al Sacco | April 21, 2014
Yesterday, wireless industry group CTIA announced a partnership between many of the major smartphone makers and all of the leading U.S. wireless carriers that's designed to enable smartphone "kill-switch" functionality on handsets sold in the United States after July 2015.

Kill Switch Success Depends on the Users

Last month, Jerry Irvine, CIO of Prescient Solutions, an IT outsourcing services firm, stressed this fact to me in a conversation. It's not only true of consumers, but also corporate executives, who should presumably be more security conscious.

"I was recently in a meeting with about 25 CFOs of multimillion dollar accounts," Irvine said. "I asked how many of them had PINs on their phones, and less than a half a dozen said they did."

I suspect it will be a similar situation with the kill-switch option. You'll presumably only have to opt-in to the service once when you set up a new device. That's obviously much less intrusive than entering in a password every time you want to use your phone. But smartphone owners will still need to opt-in and remember their kill-switch passwords.

Then there are the privacy implications. Some people simply won't opt in to a program that gives device makers or carriers remote control over their devices, for fear that wireless carriers, government agencies or hackers could misuse the permissions.

At the very least, the kill switch should deter thieves, and that's a step in the right direction. But it will not solve the problem of smartphone theft.

Consider that the people stealing phones probably aren't the most reasonable folks in the world. A "steal first, consider kill switch later" approach seems likely -- even if it means ditching every other stolen device because it can't be unlocked. If half of all U.S. smartphone users opt-in to the kill-switch program, one in two stolen smartphones could still be sold on the black market. If you're a thief, those aren't bad odds.

I give the device makers and carriers credit for "voluntarily" implementing a kill switch...even they're only doing it because mandatory legislation seems imminent. I don't believe the kill-switch option should be forced on users, just as I don't believe passwords should be mandatory all on smartphones. As is the case with all information security measures, the responsibility ultimately falls on the user.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.