At the 3GSM World Congress, the GSM Association (GSMA), the global trade association for GSM mobile operators, and leading mobile phone manufactures Alcatel, Motorola, NEC, Nokia, Panasonic, Sagem, Siemens and Sony Ericsson, announced an agreement to help reduce the theft of mobile phones.

As a result, there has been established a series of measures to enhance the integrity of handset identities (IMEI - International Mobile Equipment Identity). IMEI was originally introduced, as a unique terminal (handset) identity, for type approval reasons, so that non-type approved terminals could be prevented from connecting to GSM networks. Nowadays, the IMEI is used to identify mobile station equipment on mobile networks in order to be able to take measures against the use of stolen or unsanctioned equipment.

The GSMA and manufacturers, working to achieve IMEI integrity, have agreed to handset security principles to provide guidance to handset manufacturers and to provide operators with a set of criteria against which handset security can be assessed. So the effectiveness of Equipment Identity Registers (EIR) currently in use to disable further use of phones once reported stolen, should be greatly improved. It is expected that handsets available during the next 18 months will be progressively compliant with the agreed principles.

In acknowledgement that the agreement doesn't make the issue of security absolute, the GSMA and the manufacturers have agreed to establish a formal process to centralize the reporting of newly identified IMEI security weaknesses.

In addition to the IMEI measures, the GSM Association said it is undertaking a concerted effort to extend and enhance the Central Equipment Identity Register (CEIR), its global database register of stolen phones, so that GSM mobile operators can work together to prevent the reuse of stolen phones. Previous to this agreement, the potential impact of the Association's database was compromised by security weaknesses in some handsets.

While the agreement is a step in the right direction, the GSM Association said it is only part of an overall solution that should include more done at the governmental level. Rob Conway, CEO of the GSM Association, said "we would like to see a more comprehensive approach that includes additional government-led action, such as we have seen in the UK." Where there has been the introduction of legislation to make IMEI reprogramming illegal.