In recent years, cyber-attacks on smartphones have been on the rise. The flaws in built-in softwares of smartphones will allow hackers to have full access to the devices to install malicious programs, retrieve user data and system log, remove user data, alter device configurations, etc. Users may not be aware of such threats as built-in softwares, sometimes not displayed with icons, cannot be deleted or disenabled and cannot be detected by antivirus softwares.

Having recognized the importance of information security of smartphones, the BSMI has been working closely with Taiwan Association of Information and Communication Standards (TAICS) to develop relevant national standards. After having consulted the industry standards developed by TAICS as well as international standards, recommendations and guidelines, the BSMI published two national standards, CNS 16176 (Cybersecurity requirements for built-in software on smartphone systems) and CNS 16177 (Cybersecurity test methods for built-in software on smartphone systems) on August 18, 2022. The two standards can be used by smartphone manufacturers, software developers and testing laboratories to offer higher protection to consumers and increase the confidence of the public in the products by performing security testing of build-in softwares.

The text of the above-mentioned standards can be accessed at the CNS Online Service websie (https://www.cnsonline.com.tw/).

Responsible Division: 1st Division

Contact Person: Chang Chien, Hong-Lee, Deputy Director

Tel. (O): +886-3343-5168

Email: sophia.cc@bsmi.gov.tw