A friend of mine at T-Mobile USA got in touch with me yesterday about the recent disclosure of Voice Mail access and Sidekick II personal information disclosure issues that have made news this week. He initially contacted me in a “Yo, why are you all over us like this?” kind of way, so I called him and we talked for a while about what’s been happening and what’s at stake for the future.
The first thing I said to him was that my coverage of these issues is not an indication of some latent hatred of T-Mobile. Quite the contrary in fact. I have been a satisfied T-Mobile customer for about three years, and I think their service is, on balance, better than what I had been getting on AT&T Wireless.
I’ve recommended the T-Mobile Sidekick II to some of my closest friends, and a few have bought them. This is why the disclosure of Paris Hilton’s personal information struck such a chord with me. Regardless of how this information was obtained, through a vulnerability in a customer-facing application like My.T-mobile.com or through social engineering, T-Mobile needs to batten down the hatches.
The biggest reason is that customer perception of the security of a device like the Sidekick II is going to be critically important. Through gadget blogs like Operation Gadget, less sophisticated mobile phone users are going to learn that the Sidekick II stores all of the data that its owner enters into it on a server at Danger, Inc. (Danger is the manufacturer of the Sidekick II.)
The fact that all of the data on the Sidekick II lives on a central server ought to be a feature of this device, not a liability. If the servers are perceived as secure, then customers ought to be happy that the Sidekick II includes an always-on backup mechanism. There are only a few ways that Danger and T-Mobile can screw this up:
- The server environment proves not to be secure.
- The server environment is prone to service outages or unexplained data loss.
- The customer’s personal data is held hostage in an overly-aggressive customer retention effort.
T-Mobile is clearly dealing with a pretty significant problem with the security of the server environment. They need to aggressively address this problem and show the public that they are doing it.
T-Mobile is just the first carrier to experience security problems that have gotten the public’s attention. Other carriers probably have security problems in some of their customer-facing applications that have not yet been exposed.
A good example of this is the “feature” of many mobile phone voice mail systems that allows callers presenting a mobile phone number through Caller ID to “automatically” log in to their voice mail. Now that value-added phone services can be used to alter the number that is presented through Caller ID when a call is placed, the automatic login feature for mobile phone voice mail systems ought to be removed. This feature is an invitation to personal information theft, and regular customers are going to get burned with increasing frequency unless the mobile phone carriers act with the customer’s best interests in mind.
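The difference between the automatic login and a PIN-always policy can be shown in a short sketch. This is an added example, not code from any carrier or from this article; the `Mailbox` class, the function names, the lockout threshold and the sample number and PIN are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3  # assumed lockout threshold, not a value from the article


class Mailbox:
    def __init__(self, number, pin):
        self.number = number
        self.salt = os.urandom(16)
        self.pin_hash = self.hash_pin(pin)
        self.failures = 0

    def hash_pin(self, pin):
        # Store a salted, slow hash of the PIN rather than the PIN itself.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self.salt, 100_000)

    def pin_matches(self, pin):
        return pin is not None and hmac.compare_digest(self.hash_pin(pin), self.pin_hash)


def login_auto(mailbox, presented_caller_id, pin=None):
    """The "feature": a matching Caller ID alone opens the mailbox."""
    if presented_caller_id == mailbox.number:
        return True  # the presented number is caller-supplied, not verified
    return mailbox.pin_matches(pin)


def login_pin_required(mailbox, presented_caller_id, pin=None):
    """Caller ID is ignored as a credential; the PIN is always checked."""
    if mailbox.failures >= MAX_FAILURES:
        return False  # locked until reset through another channel
    if mailbox.pin_matches(pin):
        mailbox.failures = 0
        return True
    if pin is not None:
        mailbox.failures += 1  # count wrong PINs, not the initial prompt
    return False


def demo():
    box = Mailbox("555-0100", "4821")  # constructed sample values
    return (login_auto(box, "555-0100"),            # no PIN needed
            login_pin_required(box, "555-0100"),    # rejected without PIN
            login_pin_required(box, "555-0100", "4821"))
```

With the hardened policy the presented number can still be used to pick which mailbox to prompt for, but it never substitutes for the PIN.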
I made the point in an article published earlier today that mobile phone carriers in other countries provide backup services so that customers’ phone directories aren’t lost. These services are valuable to some mobile phone customers and their use depends upon customers’ perception of value and security.
I don’t believe that any of the U.S.-based mobile carriers offer a phone directory backup service yet, but this is an example of the kind of new service that would be a non-starter if mobile carriers get the reputation for being lousy at security.
Russell Beattie has been talking about mobile services security for a while, and his article Mobile Security Thoughts is well worth reading for more examples of services that depend upon customers trusting their mobile phone carriers. Russell said:
> Having spent some time at a Location Based Services company, I can tell you from experience the reaction of many people when I talked about the cool new functionality that LBS will enable on the mobile phone. Services like keeping track of your friends’ locations, or monitoring the whereabouts of your kids. But the first reaction from almost everyone (usually Soccer Moms first) is, “Who’s going to have access to that info?” and the response is, “Well, just you and the people you give permission to,” and they always respond with, “Can you guarantee that?” And the answer is, “We have to.”
>
> As mobiles start to become our portable data repository, our wallets and a location device, it’s going to be of the utmost importance to secure this system for both hacks on the server side and loss of the device (a more common experience) on the handset side. Carriers right now all want to become uber-portals, owning the user, providing all the services and controlling all the data. But you know what? They suck at it.

If customers lose faith in their carriers’ ability to secure the data in their mobile phones, a lot of mobile phone services that carriers want to offer in the future will be stillborn.