Stolen cellphone databases switched on by major US carriers

Filed Under: Data loss, Featured, Law & order, Mobile, Security threats

Pickpocketing a mobile phone. Image from ShutterstockA friend was walking down a Manhattan sidewalk a year ago, staring into his iPhone in the now-ubiquitous, data-engrossed trance of a smartphone user.

A group of teenagers walked up to him. One gently plucked the phone from my friend's hand and jogged away, leaving him blinking, thinking for a brief moment that it was all just a joke.

It wasn't. That's the last he saw of that gizmo.

The CTIA, a wireless industry trade group, on Wednesday moved to stop smartphone thieves like those teenagers in their tracks by switching on databases to block stolen phones from being used on the four major US networks: AT&T, T-Mobile, Verizon and Sprint.

The initiative was first announced in April, when the US Federal Communications Commission teamed with police chiefs from major US cities and CTIA representatives to announce a database that would put a lid on the burgeoning number of smartphone thefts.

As MSNBC reported in October, New York City Police say that more than 40 percent of all robberies now involve cellphones.

As goes New York, so goes the rest of the country. Cellphone thefts in Los Angeles are up 27 percent over last year. Transit system authorities in cities such as Boston and San Francisco are launching ad campaigns that seek to alert riders of the danger of thieves preying on those who casually use, and get engrossed in, their phones while in public.

Carriers have up until now blocked SIM cards on stolen phones, preventing unauthorized calls from going through.

That was easy to get around: thieves would simply install a new SIM card and sell the phone on the second-hand market.

The new databases will instead block the International Mobile Equipment Identity (IMEI) number, a unique identifier that stays in the phone regardless of the SIM card being used.

IMEI

Chris Guttman-McCabe, vice president of regulatory affairs at CTIA, told IDG that the goal is to shut down the market for stolen phones:

"The goal is to not only protect the consumer by cancelling the service, but by ultimately protecting the consumer by drying up the after market for stolen phones."

The CTIA says that as of Wednesday, AT&T and T-Mobile will offer a joint database, given that they use more or less the same network technology - GSM - and their handsets can easily be used on each other's networks.

Verizon and Sprint use a different network technology, CDMA, and will offer their own databases.

Guttman-McCabe told IDG that by the end of November 2013, the four carriers will combine their databases so that "the vast majority" of US cellphone users will be covered.

Samsung smartphoneHe also said that smaller carriers such as Nex-Tech and Cellcom also have plans to implement the database, while work is under way to link the US database with an international database maintained by the GSM Association, to prevent stolen phones from being shipped overseas and used on foreign networks.

When it comes to losing something important, beyond the cost of the phone itself is the sensitive data stored on that phone, which can include contacts, photos, music, email, bank account numbers, and stored passwords.

Being able to prevent a stolen phone from being used to place unauthorized calls is a good step, but as the CTIA emphasized, consumers should still take steps to protect their phone data.

CTIA President and CEO Steve Largent said in a statement:

"While the GSM and CDMA databases are important, consumers also play a key role in protecting their information and preventing smartphone theft. By using passwords or PINs, as well as remote wiping capabilities, consumers can help to dry up the aftermarket for stolen devices. Today’s average wireless user stores a lot of personal information on a mobile device, such as pictures, video, banking and other sensitive data. It's important consumers know that by taking simple precautions, such as downloading a few apps, they can protect their information from unauthorized users."

The organization has guidelines here on how to prevent smartphone theft and protect personal information.

One thing I'd add to the CTIA's guidelines is to know your phone's identification number, given that your carrier may not have the number in their files.

The IMEI might be located on the box the phone came in, or you can find it by removing the cover from the back of the phone and taking out the battery. The number should be printed on the inside compartment.

In many cases you can obtain your IMEI by dialing *#06#. Vendors such as Apple have provided advice on how to find out the IMEI number on their phones.

That won't do you much good if the phone has already been stolen, though, so it's a good idea to write the number down or otherwise store it somehow.

Hopefully, soon phone thieves will only manage to walk away with a useless brick, if all goes according to plan.


Pickpocketing a mobile phone image from Shutterstock.

, , , , , , , , , ,

You might like

10 Responses to Stolen cellphone databases switched on by major US carriers

  1. Jon Fukumoto · 535 days ago

    This is a great deterrent for those trying to profit by selling stolen smartphones. I have found the IMEI for my iPhone on the box. This can also be accomplished by tapping Settings --> About. Write the number down and keep the information in a safe place. To keep your iPhone safe, always use a complex password, turn on Location Services, and install the Find My iPhone app which is free. This will allow you to locate a missing or stolen iOS device and either lock it out or remotely wipe the data from it. When using any smartphone, be aware of your surroundings and avoid using it in situations where it may jeopardize your safety. In addition, use restrictions and prevent access to the following:

    --Settings for any email account and iCloud
    --Prevent unauthorized use of your iTunes account by removing the icons for both iTunes and App Stores
    --Disable In-App purchases
    --Require entry of password each time an In-App purchase is made
    --Lock out the ability to turn off Location Services
    --Erase all data on the iPhone after 10 failed attempts of the password

    By doing the above, your iPhone will be most secure. Also, be sure to back up your device before going out. These are the security measures I put in place to protect my iPhone and the data stored on it.

    • Laurence Marks · 534 days ago

      You can use the USS api to find out the IMEI. Simply bring up the dial pad and dial *#06# and the IMEI will appear on the screen. This works on all phones, smart or dumb.

  2. So would a potential buyer be able to query this database before buying a secondhand phone? I would like to know if my new phone I am about to buy is going to be a brick or not.

  3. Tina · 535 days ago

    My phone was stolen and the IMEI Number was blocked by ATT, but the phone can still be used as an iPod by someone else - so it's not in fact a useless brick, unfortunately. The problem is that Apple doesn't offer it's customers any protection. Someone can link a "frozen" phone to an iTunes account and reset it. Even if it is password protected, connecting an iPhone to an iTunes account will erase your data (which is important and a protection feature) and sync the new account's information to your phone. Apple doesn't care if the serial number of that phone, that is registered in your iTunes account, belongs to a stolen phone or not.

    If a stolen phone is brought into an Apple store for service, I was told it's "up to the manager's discretion" as to whether or not they would do anything about it. Consumer protection on Apple's end is seriously lacking.

  4. Seems like only yesterday that the UK networks began sharing data to block stolen handsets, except the project was actually delivered in 2002. Why has it taken so long for US to adopt?

  5. Spenser · 534 days ago

    About two years ago, I purchased two Sprint phones - a Blackberry and a smartphone - from a police auction. Both came complete with the drug dealer's personal info, texts, photos and contact info for his connections.

    When I went to the local Sprint office to wipe the phones and get a new contract for phone service to use them for myself, I was informed one of them was reported as stolen by the drug dealer and could not be reactivated, even though I had proof of purchase from the police department. They determined later that the drug dealer had used his one phone call from jail to report the phone as stolen!

    The other phone had a prior balance of about $800 from the drug dealer and Sprint would not do anything until I paid the drug dealer's bill. Again, proof of new ownership didn’t mean anything to Sprint.

    Needless to say, my legally purchased phones were worthless, but the police department that sold me the phones took them back and now refuses to sell Sprint items. Not only that, but Sprint has now permanently lost a customer due to stupidity on their part.

    • Wow, as a European who have only seen a police auction on tv sounds crazy!
      Don't get me wrong, I totally agree with you and sprint is acting like an old fashioned eastern european goverment run company. The only difference if it happenied here, you were proably never got refunded by the seller..
      So just out of curiosity can you get some gangter's cadillec escallade through the police auction a lot cheaper? Crack included, haha? :D

  6. Mike · 534 days ago

    I do wish Apple would block stolen ipods, etc. from activating with itunes.

    And +1 to the idea of a customer being able to query the database before an ebay / craiglist purchase.

    Mike

  7. Ereck · 532 days ago

    The Nationwide database of stolen cellphones is not enough. It only serves to create a second victim, that being the person the stolen phone is sold to. In order to truly impact theft we need a public access live database that a would be used phone buyer can check to ensure the device that they are about to purchase has not been locked by the carrier. Once that exists then we can consider this a win.

  8. nash · 532 days ago

    Vodafone has been doing this internationally for the best part of 7 years from memory!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.