{"id":11722,"date":"2025-02-05T22:09:27","date_gmt":"2025-02-05T22:09:27","guid":{"rendered":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?post_type=gsma_theme_resources&#038;p=11722"},"modified":"2025-07-09T11:26:29","modified_gmt":"2025-07-09T10:26:29","slug":"fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1","status":"publish","type":"gsma_theme_resources","link":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/","title":{"rendered":"FS.56 Mobile Device Security Certification Scheme &#8211; GSMA Security Requirements Version 1"},"content":{"rendered":"\n<p>This document is complementary to the GSMA defined Mobile Device Security Certification (MDSCert) Scheme, of which there is an overview in FS.53 &#8211; MDSCert Scheme Overview.<\/p>\n\n\n\n<p><br>A MDSCert Scheme requires mobile devices submitted for certification to meet security requirements as defined in the ETSI Consumer Mobile Device Protection Profile (TS 103 732) series. The modified and new requirements proposed in Section 3 of this document may additionally be considered by a MDSCert scheme for inclusion as part of the security requirements against which mobile devices are assessed and certified.<\/p>\n\n\n\n<p>The present document defines technical (functional) and non-technical (assurance) requirements identified by GSMA that could be part of a MDSCert scheme. The requirements used by a MDSCert Scheme are those defined in the latest version of ETSI TS 103 732 series  as detailed in Section 2. Additionally, Section 3 of the present document identifies potential gaps in security Functional and Assessment requirements, respectively, that are expected to be addressed in future versions of ETSI TS 103 732 series: Additional requirements proposed in informative sections of this document may be considered by the Mobile Device Manufacturer to be certified under a MDSCert scheme, as mentioned in Section 3.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This document is complementary to the GSMA defined Mobile Device Security Certification (MDSCert) Scheme, of which there is an overview in FS.53 &#8211; MDSCert Scheme Overview. A MDSCert Scheme requires mobile devices submitted for certification to meet security requirements as defined in the ETSI Consumer Mobile Device Protection Profile (TS 103 732) series. The modified [&hellip;]<\/p>\n","protected":false},"author":53,"featured_media":0,"template":"","meta":{"image":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-content\/uploads\/2025\/02\/Thumbnail-FS.56.jpg","json":{"gsma_resources_type":"Document","gsma_resources_thumb":"[11725]","gsma_resources_file":"[11724]","gsma_resources_multi":null,"gsma_resources_wgr":null,"gsma_resources_video":"","gsma_resources_image":"null","gsma_resources_url":"","gsma_resources_date":"","gsma_resources_button":""}},"tags":[],"resource_categories":[1582,1517,1563,1576],"algolia_discover_type":[],"class_list":["post-11722","gsma_theme_resources","type-gsma_theme_resources","status-publish","hentry","resource_categories-mobile-cybersecurity-knowledge-base","resource_categories-publications","resource_categories-supply-chain-publications","resource_categories-technical-guidelines"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.3 (Yoast SEO v24.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>FS.56 Mobile Device Security Certification Scheme - GSMA Security Requirements Version 1 - Security<\/title>\n<meta name=\"description\" content=\"The security requirements in the present document define technical (functional) and non-technical (assurance) requirements identified by GSMA as part of a MDSCert scheme\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FS.56 Mobile Device Security Certification Scheme - GSMA Security Requirements Version 1 - Security\" \/>\n<meta property=\"og:description\" content=\"The security requirements in the present document define technical (functional) and non-technical (assurance) requirements identified by GSMA as part of a MDSCert scheme\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/\" \/>\n<meta property=\"og:site_name\" content=\"Security\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-09T10:26:29+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"FS.56 Mobile Device Security Certification Scheme - GSMA Security Requirements Version 1 - Security","description":"The security requirements in the present document define technical (functional) and non-technical (assurance) requirements identified by GSMA as part of a MDSCert scheme","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/","og_locale":"en_GB","og_type":"article","og_title":"FS.56 Mobile Device Security Certification Scheme - GSMA Security Requirements Version 1 - Security","og_description":"The security requirements in the present document define technical (functional) and non-technical (assurance) requirements identified by GSMA as part of a MDSCert scheme","og_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/","og_site_name":"Security","article_modified_time":"2025-07-09T10:26:29+00:00","twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/","name":"FS.56 Mobile Device Security Certification Scheme - GSMA Security Requirements Version 1 - Security","isPartOf":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website"},"datePublished":"2025-02-05T22:09:27+00:00","dateModified":"2025-07-09T10:26:29+00:00","description":"The security requirements in the present document define technical (functional) and non-technical (assurance) requirements identified by GSMA as part of a MDSCert scheme","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/fs-56-mobile-device-security-certification-scheme-gsma-security-requirements-version-1\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/","name":"Security","description":"GSMA Security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"}]}},"cats":[{"term_id":1591,"name":"Airtel","slug":"airtel","term_group":0,"term_taxonomy_id":1591,"taxonomy":"resource_categories","description":"","parent":1590,"count":0,"filter":"raw"},{"term_id":1600,"name":"APAC","slug":"apac","term_group":0,"term_taxonomy_id":1600,"taxonomy":"resource_categories","description":"","parent":1599,"count":0,"filter":"raw"},{"term_id":1598,"name":"Branded Calling","slug":"branded-calling","term_group":0,"term_taxonomy_id":1598,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":498,"name":"Build","slug":"build-phase","term_group":0,"term_taxonomy_id":498,"taxonomy":"resource_categories","description":"","parent":507,"count":7,"filter":"raw"},{"term_id":1590,"name":"Company name","slug":"company-name","term_group":0,"term_taxonomy_id":1590,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":499,"name":"Concept","slug":"concept-phase","term_group":0,"term_taxonomy_id":499,"taxonomy":"resource_categories","description":"","parent":507,"count":4,"filter":"raw"},{"term_id":1584,"name":"Coordinated Vulnerability Disclosure","slug":"coordinated-vulnerability-disclosure","term_group":0,"term_taxonomy_id":1584,"taxonomy":"resource_categories","description":"","parent":1576,"count":1,"filter":"raw"},{"term_id":1597,"name":"Customer Education and Awareness Campaigns","slug":"customer-education-and-awareness-campaigns","term_group":0,"term_taxonomy_id":1597,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":200,"name":"cvd","slug":"cvd","term_group":0,"term_taxonomy_id":200,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":177,"name":"CVD Programme","slug":"cvd-programme","term_group":0,"term_taxonomy_id":177,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":500,"name":"Decommissioning","slug":"decommissioning-phase","term_group":0,"term_taxonomy_id":500,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":501,"name":"Delivery","slug":"delivery-phase","term_group":0,"term_taxonomy_id":501,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":502,"name":"Deployment","slug":"deployment-phase","term_group":0,"term_taxonomy_id":502,"taxonomy":"resource_categories","description":"","parent":507,"count":8,"filter":"raw"},{"term_id":503,"name":"Design and Development","slug":"design-and-development-phase","term_group":0,"term_taxonomy_id":503,"taxonomy":"resource_categories","description":"","parent":507,"count":9,"filter":"raw"},{"term_id":1556,"name":"M360 APAC","slug":"m360-apac","term_group":0,"term_taxonomy_id":1556,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1557,"name":"M360 APAC","slug":"m360-apac-publications","term_group":0,"term_taxonomy_id":1557,"taxonomy":"resource_categories","description":"","parent":1517,"count":0,"filter":"raw"},{"term_id":1518,"name":"m360 Latam 2024","slug":"m360-latam-2024","term_group":0,"term_taxonomy_id":1518,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1509,"name":"M360 UK 2023","slug":"m360-uk-2023","term_group":0,"term_taxonomy_id":1509,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1582,"name":"Mobile Cybersecurity Knowledge Base","slug":"mobile-cybersecurity-knowledge-base","term_group":0,"term_taxonomy_id":1582,"taxonomy":"resource_categories","description":"","parent":1576,"count":45,"filter":"raw"},{"term_id":1503,"name":"MWC22 Barcelona","slug":"mwc22-barcelona","term_group":0,"term_taxonomy_id":1503,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1508,"name":"MWC23 Barcelona","slug":"mwc23-barcelona","term_group":0,"term_taxonomy_id":1508,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":1511,"name":"MWC23 Las Vegas","slug":"mwc23-las-vegas","term_group":0,"term_taxonomy_id":1511,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1516,"name":"MWC24 Barcelona","slug":"mwc24-barcelona","term_group":0,"term_taxonomy_id":1516,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":1575,"name":"MWC25 Barcelona","slug":"mwc25-barcelona","term_group":0,"term_taxonomy_id":1575,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":322,"name":"NESAS","slug":"nesas","term_group":0,"term_taxonomy_id":322,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":504,"name":"Operational","slug":"operational-phase","term_group":0,"term_taxonomy_id":504,"taxonomy":"resource_categories","description":"","parent":507,"count":23,"filter":"raw"},{"term_id":1578,"name":"Post quantum use case library","slug":"post-quantum-use-case-library","term_group":0,"term_taxonomy_id":1578,"taxonomy":"resource_categories","description":"","parent":1522,"count":6,"filter":"raw"},{"term_id":1522,"name":"Post-quantum","slug":"post-quantum","term_group":0,"term_taxonomy_id":1522,"taxonomy":"resource_categories","description":"","parent":0,"count":15,"filter":"raw"},{"term_id":1581,"name":"Post-Quantum Cryptography","slug":"post-quantum-cryptography","term_group":0,"term_taxonomy_id":1581,"taxonomy":"resource_categories","description":"","parent":1576,"count":11,"filter":"raw"},{"term_id":505,"name":"Procurement","slug":"procurement-phase","term_group":0,"term_taxonomy_id":505,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":1517,"name":"Publications","slug":"publications","term_group":0,"term_taxonomy_id":1517,"taxonomy":"resource_categories","description":"","parent":0,"count":46,"filter":"raw"},{"term_id":1599,"name":"Region","slug":"region","term_group":0,"term_taxonomy_id":1599,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":368,"name":"SAS","slug":"sas","term_group":0,"term_taxonomy_id":368,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1593,"name":"Scam Call Detection and Blocking","slug":"scam-call-detection-and-blocking","term_group":0,"term_taxonomy_id":1593,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1580,"name":"Securing the 5G era","slug":"securing-the-5g-era","term_group":0,"term_taxonomy_id":1580,"taxonomy":"resource_categories","description":"","parent":1576,"count":5,"filter":"raw"},{"term_id":1595,"name":"SIM Swap Fraud Prevention","slug":"sim-swap-fraud-prevention","term_group":0,"term_taxonomy_id":1595,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1594,"name":"SMS Phishing (Smishing) Detection","slug":"sms-phishing-smishing-detection","term_group":0,"term_taxonomy_id":1594,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1596,"name":"Subscription Fraud Prevention","slug":"subscription-fraud-prevention","term_group":0,"term_taxonomy_id":1596,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1563,"name":"Supply Chain Publications","slug":"supply-chain-publications","term_group":0,"term_taxonomy_id":1563,"taxonomy":"resource_categories","description":"","parent":1517,"count":1,"filter":"raw"},{"term_id":1585,"name":"Supply Chain Toolbox","slug":"supply-chain-toolbox","term_group":0,"term_taxonomy_id":1585,"taxonomy":"resource_categories","description":"","parent":1576,"count":8,"filter":"raw"},{"term_id":1583,"name":"T-ISAC","slug":"t-isac","term_group":0,"term_taxonomy_id":1583,"taxonomy":"resource_categories","description":"","parent":1576,"count":0,"filter":"raw"},{"term_id":1579,"name":"T-Isac Blog","slug":"t-isac-blog","term_group":0,"term_taxonomy_id":1579,"taxonomy":"resource_categories","description":"","parent":1501,"count":0,"filter":"raw"},{"term_id":1501,"name":"T-ISAC Resources","slug":"t-isac-resources","term_group":0,"term_taxonomy_id":1501,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":1576,"name":"Technical Guidelines","slug":"technical-guidelines","term_group":0,"term_taxonomy_id":1576,"taxonomy":"resource_categories","description":"","parent":0,"count":52,"filter":"raw"},{"term_id":1592,"name":"Theme","slug":"theme","term_group":0,"term_taxonomy_id":1592,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":507,"name":"Topic","slug":"topic","term_group":0,"term_taxonomy_id":507,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"},{"term_id":1589,"name":"Use case","slug":"use-case","term_group":0,"term_taxonomy_id":1589,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/11722","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources"}],"about":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/types\/gsma_theme_resources"}],"author":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/users\/53"}],"version-history":[{"count":2,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/11722\/revisions"}],"predecessor-version":[{"id":11726,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/11722\/revisions\/11726"}],"wp:attachment":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/media?parent=11722"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/tags?post=11722"},{"taxonomy":"resource_categories","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/resource_categories?post=11722"},{"taxonomy":"algolia_discover_type","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/algolia_discover_type?post=11722"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}