How technology is combatting physical security vulnerabilities in smartphone supply chains
Smartphones play an intrinsic role in our everyday lives, enabling us to stay connected with one another and carry out a wide range of additional actions besides. Given the vast array of potential applications that these devices hold, it’s no surprise that there are now approximately 6.94 billion smartphones in circulation around the world – accounting for 85% of the global population.
However, the strong demand for smartphones makes them a lucrative target for criminals looking to exploit weaknesses along the supply chain. The unfortunate reality is that original equipment manufacturers [OEMs], retailers, financiers, and mobile operators can all fall victims to these criminal entities at any stage –from the moment that a shipment of smartphones leaves the manufacturer, right through to the end-customer returns process.
While supply chain theft has always been present, the issue has accelerated significantly in recent years. For example, a recent report published by CargoNet revealed that theft incidents across Canada and the US rose by 59% during the third quarter of 2023 alone. Furthermore, a separate report from Shopping and Freight Resource characterized South Africa has ‘the wild west’ for supply chains within the EMEA region, with the country experiencing thousands of attacks on an annual basis. Despite encompassing a wide variety of consumer goods categories, these statistics serve to exemplify the growing challenges that smartphone OEMs face in protecting their investments, and getting them safely to market.
What are the key vulnerabilities in smartphone supply chains?
Not only is the threat of supply chain theft constantly growing, so too is the range of potential physical vulnerabilities, and there is a select number that are significantly more commonplace than others. For example, shipments travelling from a manufacturer’s premises to a warehouse are ripe for attack, and are increasingly being intercepted by criminal organizations.
This is precisely what happened in the UK during November 2020, when thieves stole five million pounds-worth of Apple smartphones from a delivery vehicle that had stopped on a slip road. The perpetrators left both the driver and security guard tied up, and made off with the highly lucrative haul.
A similar incident took place in 2018, when a Brazilian gang disguised as airport workers stole a shipment of Samsung Galaxy S9 devices with a combined value of $1 million. At the time, the theft was reported as ‘the latest in a near constant stream of brazen robberies by thieves targeting commercial cargos’, highlighting the alarming rate at which such crimes are committed. Even if a shipment of smartphones successfully reaches a retailer’s warehouse, this doesn’t necessarily mean that the devices are now safe.
In May 2018, for instance, three men broke into a storage facility owned by an electronics company to steal 600 Huawei phones worth 290,000 UAE dirham – equivalent to £62,000. The trio managed to evade detection by employing a range of sophisticated techniques and, in doing so, proved that even the most complex security systems can be bypassed.
Then, when a smartphone finally makes it into the hands of the end-customer, you’d be forgiven for assuming that the supply chain-related threats to it are at an end. This, however, is not the case, especially in light of the growing trend of reverse logistics scams seen in recent years. Essentially, these involve consumers ordering a phone online, only to claim that it never arrived, or that they received something else instead.
In actuality, they have the device in their possession, but without sufficient evidence to prove this, retailers are left with little alternative but to send a replacement device, or issue the customer with a refund. Either way, the unscrupulous customer is left with an additional phone that they’re free to sell on for a profit.
In some cases, customers might go so far as to claim that they’re unhappy with the product they received and that they’ve sent it back, when they have actually kept it for themselves. For example, a 22-year-old man from Palma de Mallorca conned Amazon out of $370,000 by sending returns packages filled with dirt rather than the original items. It was only when a random spot check was conducted that his scam was uncovered, illustrating that tackling this issue often comes down to luck.
While the vast majority of OEMs will already have security measures in place to combat vulnerabilities, the fact of the matter is that many traditional mechanisms fall short when it comes to protecting supply chains. Catching perpetrators who have shipped smartphones abroad can be a real challenge given the lack of International Mobile Equipment Identity [IMEI] blacklisting in some regions; a problem that continues to fuel the sale of stolen devices on the black market.
Meanwhile, making claims for returns fraud can also be fraught with difficulty, not least because responsibility for parcel-related theft often falls on the shoulders of the sellers, rather than the couriers. Furthermore, although any losses incurred by theft may be covered by insurance, it is inevitable that business premiums will go up as a result.
How Trustonic can help
It’s clear that smartphone OEMs need more robust means to combat the scourge of supply chain theft, and technology holds the solution.
At Trustonic, we have developed a pioneering and proven approach that gives manufacturers the power to reclaim control of their supply chains. By utilising our cloud-based device locking platform, they can move to fully lock down smartphones that have been stolen, rendering them unusable and therefore removing their resale as a result. Crucially, the Platform can also be used to manage and control devices in countries where IMEI blacklisting is not enforced, preventing criminal gangs from exploiting these gaps in the defence.
Thanks to the technology that we’ve developed, devices can be managed with ease throughout their entire lifecycle – from the moment they leave the factory floor, all the way through to the moment that they’re recycled. Ensuring that smartphones can only be activated by the intended recipient, the Platform prevents unauthorized access during the initial stages of the supply chain, deterring criminal organisations and providing OEMs with greater peace of mind that their investments are unlikely to be targeted.
Retailers can also confidently stock and display devices for demonstration, safe in the knowledge that they can easily be locked and rendered useless if stolen. Additionally, the Platform mitigates reverse logistics fraud by giving operators the freedom to swiftly lock a device if a customer reports that they didn’t receive it. This dissuades fraudsters from trying to exploit returns policies, given that devices will quickly become useless, thereby eliminating any form of resale value.
With supply chain theft posing such a formidable challenge for smartphone OEMs, investing in robust systems like ours will be pivotal not only to safeguarding their assets, but also breaks the business model of the criminal gangs who depend upon their ability to exploit physical vulnerabilities.
