S 2.189 Blocking of the mobile phone in the event of its loss

Initiation responsibility: Head of IT, IT Security Officer, User

Implementation responsibility: User

If the the SIM card and/or the mobile phone is lost, the owner of the SIM card bears the costs for misuse of the mobile phone connection. Therefore, the network operator should immediately be prompted to block the SIM card in order to prevent potential misuse and therefore additional financial damage.

Furthermore, the PIN prompt of the SIM card should be enabled at all times (see S 4.114 Use of the security mechanisms provided on mobile phones). In the event of theft or loss, this function prevents unauthorised persons from using or analysing the SIM card. However, the PIN is only prompted when the mobile phone is switched on. If a switched-on mobile phone is stolen, this phone may be used to make phone calls until the rechargeable battery is flat!

If the mobile phone is lost or stolen, the network operator may furthermore add the mobile phone to a "black list" in order to prevent the phone from being used. For this, the network operator requires the device number (IMEI - International Mobile Equipment Identifier). This number can usually be found on the rear of the device and should therefore be written down and stored separately from the device.

When purchasing the device it should be ensured that the IMEI belonging to the mobile phone was provided in writing. It may also be read from the mobile phone, but the procedure is not uniform for all devices. The device number can usually be found on the nameplate below the rechargeable battery or can be displayed by entering "*#06#".

In order to detect the misuse of the SIM card in due time, the itemised bill must be checked for unexplainable charges and destination phone numbers.

All data required for blocking the SIM card and/or the mobile phone should be kept handy, but separately from the mobile phone. This includes

Review questions:

© Federal Office for Information Security. All rights reserved.