Subscribe For Free
FOLLOW US

Fighting Back: How the GSMA is tackling the global mobile theft epidemic

Staff Reporter
May 27, 2025

The mobile ecosystem is being severely affected by widespread device theft, prompting the GSMA to produce a White Paper on the extent of the problem. Mobile News asked Head of Services, Product Development & Growth Jason Smith to explain what the organisation is doing to help networks around the world combat handset crime.

How does the GSMA currently assess the scale and impact of mobile device theft on a global level?

Mobile device theft continues to pose a significant challenge, which is casting a long shadow across the mobile ecosystem. It’s affecting mobile users, network operators, device manufacturers, OS developers and society as a whole.

Smartphones are now indispensable tools for communication, commerce, and personal expression, so the stakes associated with their theft have risen exponentially in recent years.  

In terms of assessing the scale and impact, the scale and nature of the problem very much varies country by country. At a global level, the annual rate of mobile device theft  remains steady and is estimated at approximately 1% of active subscribers.

However, as the global market for mobile devices expands, the total number of thefts is rising. In certain markets, such as the UK, we can see it becoming a greater problem, which is why the industry is working closely with the Home Office, law enforcement and other crime agencies to tackle the problem. 

The international nature of device theft and trafficking complicates matters further. Stolen devices often cross national borders, entering markets with limited or non-existent monitoring or blocking systems, which significantly hampers the industry’s ability to prevent the reuse or resale of stolen devices.

Addressing the multifaceted challenge of device theft demands a concerted effort from all stakeholders, from industry to law enforcement, governments and individual device users. It is critical that the lessons from the past and best practice in all markets is understood, so we can recognise what does and doesn’t work, so we can protect device owners wherever they are in the world.

Is there a global database or initiative to assist efforts to combat device theft?

Yes, the GSMA operates Device Registry on behalf of the mobile industry. Using mobile devices’  IMEI numbers, the Device Registry database allows participants – including mobile operators, device manufacturers, device insurers and inventory managers – to report upload the IMEIs of devices that have been reported stolen to help prevent their connection to mobile networks.

The registry has strong participation from mobile network operators in the Americas and Western Europe, however there are significant gaps in other regions, especially in parts of Asia and Africa, which limits our visibility of global theft patterns and our ability to prevent the reuse of devices globally. In total, 130 out of approximately 800 operators currently contribute data to the registry. 

Device Registry uses  IMEI numbers to lopck stolen phones

Some countries have set up their own national databases and tracking systems that are not connected to the global Device Registry. For example, Pakistan has its Device Identification Registration and Blocking System (DIRBS) and in 2020, the Communication Authority of Kenya proposed the introduction of a Device Management System which attempted to address a number of different abuse cases, including device theft and counterfeiting. These national efforts are valuable but result in a fragmented approach to stolen device data sharing that is essential to combatting device theft. 

To tackle mobile device theft effectively on a global scale, the GSMA encourages all mobile network operators to upload to the Device Registry the IMEIs of stolen devices and to download the IMEIs submitted by other network operators to ensure the devices to whjich those IMEIs apply are blocked ion their networks.

More participation and data sharing can enhance our ability to block stolen devices and impede their trafficking across borders, which in turn can reduce the number of devices that are stolen, thereby better protecting mobile users. 

What collaborative efforts does the GSMA lead or support between mobile operators, device manufacturers, and law enforcement agencies to combat device theft?

The GSMA is leading a number of key initiatives to combat mobile device theft, bringing together industry stakeholders to tackle this issue. Central to these efforts are the GSMA Device Registry and Device Check services, which allow stolen device data to be shared across borders and organisations. 

The Device Registry lets over 130 operators worldwide exchange information about stolen devices, helping to block their use on individual participating networks. Device Check allows recyclers, insurers, law enforcement, and other stakeholders  to check if a device has ben reported stolen before purchase. 

Beyond these technical solutions, GSMA’s Fraud and Security Group (FASG) gathers mobile operators, device manufacturers, operating system providers, SIM manufacturers and other stakeholders to develop technical security standards and anti-theft measures. A subset of this group focused on devices- the Device Security Group (DSG).

Earlier this year DSG published its “Mobile Device Theft – State of Affairs Report” charting the history of device theft and sharing best practices on how different operators, device manufacturers and law enforcement agencies have been tackling the problem.

DSG has achieved significant results, including the development of technical design principles for device identifier protection, a process for the reporting and remediation of device identifier security issues and device based anti-theft feature requirements that have been widely adopted by manufacturers.

The GSMA has supported law enforcement efforts and continues to encourage broader participation in a range if device theft initiatives, particularly urging more network operators globally to contribute to the Device Registry and to block stolen devices. 

Outline the role of the GSMA’s Device Registry in deterring or preventing mobile device theft, and how widely this database is adopted by mobile networks globally.

The GSMA maintains a unique system known as the GSMA Device Registry, previously referred to as the International Mobile Equipment Identity (IMEI) Database, which is a global central database containing basic information on the serial number (IMEI) ranges of millions of mobile devices (e.g. mobile devices, laptop data cards, etc.) that are in use across the world’s mobile networks. The IMEI is a 15-digit number that is used to identify a device on a mobile network.

Smith: GSMA is working on enhanced eSIM blocking capabilities, which will greatly improve the ability to make stolen devices unusable,

The effectiveness of the system relies on mobile operators participating in the Device Registry service to report and block IMEIs of stolen devices on the global block list. When these devices are rendered useless on participating networks, they have significantly less value, which helps remove the incentive for thieves.

The GSMA Device Registry is crucial in fighting mobile device theft by allowing network operators worldwide to share information about blocklisted devices. Many operators in North America, South America, and Western Europe use this system, making it possible to identify and block stolen devices across multiple networks. This significantly lowers the street value of stolen devices in these regions, as they become unusable on participating networks and are only valuable for parts.

For criminals, the domestic blocking of stolen devices creates a logistical headache because they are required to transport the devices to other countries that don’t participate in the registry to, where they will not be blocked, to maintain their value. In some jurisdictions where official product distribution channels and device blocking don’t exist, stolen devices can fetch high prices, underscoring the importance of expanding use of the Device Registry and stolen device blocking.

The GSMA runs both the Device Registry and Device Check services for the mobile industry. While the Device Registry allows operators to share information about blocklisted devices, GSMA Device Check allows organisations such as repair shops, insurers, recyclers, law enforcement, and even mobile users to look up a device against the GSMA Device Registry. This helps verify a device’s status before purchase, repair, or insurance claims.

What are the biggest obstacles the GSMA faces in achieving a coordinated international response to mobile device theft, especially across developing and developed markets?

The biggest challenge is trying to co-ordinate a unified global response to mobile device theft. We’ve seen strong commitment and results in some markets, where the entire industry unites behind standard approaches, but with only 130 out of around 800 mobile network operators worldwide taking part in the Device Registry, it’s possible for organised crime to ship devices out of participating countries to other markets where stolen devices are not blocked and can still be used. There is clearly a great opportunity to build on this foundation by engaging with governments and industry partners to encourage broader participation to tackle this issue. 

As it stands, the limited participation affects two key areas: reporting and blocking. Many operators do not report stolen devices to the registry, while others fail to block devices reported stolen by other operators. Even among participating networks, inconsistent practices weaken the system’s effectiveness, with some operators selectively downloading stolen device data, allowing devices stolen from certain countries to operate on their networks.

Mobile device theft is casting a long shadow across the mobile ecosystem.

The gap between developed and developing markets adds further complications. In regions without official distribution channels or blocking systems, stolen devices can fetch high prices, creating economic incentives that drive theft. This cross-border dynamic means thieves can easily export stolen devices to non-participating regions where they retain their value.

Regulatory frameworks also vary greatly across different jurisdictions. While some countries have specific laws against device theft and identifier manipulation, most do not, leading to legal inconsistencies that criminals exploit.

Without widespread global participation and consistent implementation, the system’s effectiveness is diminished. Increasing participation, especially in regions to where stolen devices are trafficked and resold, is crucial to reducing the global impact of mobile device theft and increasing the protection of mobile users worldwide.

Does the GSMA support or endorse any specific policy frameworks or regulatory approaches to make device theft less profitable or traceable for criminals?

The GSMA works with governments and law enforcement agencies around the world and welcomes best practice initiatives being developed and adhered to in a number of markets. However, mobile device theft is a global problem, with criminals operating across borders and exploiting deficiencies in national policies and regulations around the world. Therefore, a concerted effort from all stakeholders, from industry to law enforcement, governments and individual device users is needed.

The mobile industry has led numerous initiatives and developed a range of enablers in the global fight against mobile device theft. Although the problem of device theft is not of the industry’s creation, the industry recognises it is a key part of the solution. When lost or stolen mobile devices are rendered useless, they have significantly less value, removing the incentive for thieves to target them so it is essential that devices reported stolen are promptly and comprehensively blocked.

The GSMA encourages mobile operators to participate in its Device Registry service to report and block the IMEIs of devices flagged as stolen on the global block list. Typically, operators deploy equipment identity registers (EIRs) on their local networks to deny connectivity to flagged devices and to share identities of devices from their local block list to ensure devices stolen from their customers can be blocked on the networks of other Device Registry participants. These block list solutions have been in place on some networks for many years.

To enable a wider range of stakeholders to combat device crime, the GSMA provides a service that allows eligible parties, such as law enforcement, device traders and insurers, to check the status of devices against the GSMA Block List and, in some cases, to also flag stolen devices. IMEI blocking, when combined with other multistakeholder measures, can be the cornerstone of a highly effective anti-theft campaign.

Mobile users who have had their devices stolen can be vulnerable to their personal data being accessed and used to commit a range of additional crimes. Industry, law enforcement agencies and regulators are recommended to provide anti-theft education material on their websites with advice and measures appropriate to their markets.

A range of mechanisms that remotely disable stolen devices have been developed for mobile devices. The GSMA supports the development and availability of device-based anti-theft features and has defined feature requirements for globally applicable solutions. These high-level requirements describe security solutions on mobile devices that can help render devices useless and unattractive to criminals by preventing those devices from working on non-mobile networks such as Wi-Fi, where IMEI blocking on EIRs would otherwise be ineffective.

National authorities have a significant role to play in combating device theft and related criminal activity. It is critical that they engage constructively with the industry to ensure the distribution of mobile devices through unauthorised channels is monitored and that action is taken against those involved in the theft and/or illegal distribution of devices.

A comprehensive cross-border information sharing approach, involving all relevant stakeholders makes nationally deployed measures more effective. The GSMA advocates the sharing of stolen device data globally for blocking and status-checking purposes, and this can be facilitated by the GSMA Device Registry and Device Check services. Regulation must allow and encourage the sharing of stolen device information across all countries for this deterrent have a global impact.

Stolen device information can be exchanged between mobile operators through the GSMA Device Registry by having them individually establish the necessary access as part of their GSMA membership benefits package. Alternatively, if a national device block list system is already in place it may be approved to access the GSMA Device Registry to exchange block list information.

Are there any recent or upcoming GSMA-backed initiatives, technologies, or partnerships specifically designed to reduce the incidence of mobile device theft?

The GSMA is tackling mobile device theft through a range of initiatives devised in and supported by our Device Security Group. At the heart of these efforts is the GSMA Device Registry, which lets network operators share information about stolen devices via a blocklist system. Right now, 134 operators in 44 countries are onboard, along with over 50 Contributing Third Parties, helping to protect over a billion users by enabling the global blocking of stolen devices. The GSMA also runs the Device Check service, which allows retailers, insurers, and law enforcement to check if a device has been reported stolen before they buy or accept it.

One of the key contributions from the GSMA to the global efforts to combat device theft is its ‘Anti-theft Device Feature Requirements document (SG.24)‘. This sets the standard for device based disablement features across the industry, helping to harmonise anti-theft capabilities worldwide. It ensures users can protect, track, disable, and re-enable their stolen devices consistently.

Looking ahead, the GSMA is working on leveraging eSIM blocking capabilities to further disable and devalue stolen devices throughout 2025. This initiative has the potential to significantly resolve the existing deficiency related to the failure of most network operators to block stolen devices and to share stolen device data via GSMA’s Device Registry as a new approach could remove the current dependency on network operators to take action.

These initiatives demonstrate the GSMA’s commitment to working with all parts of the ecosystem—mobile operators, device manufacturers, OS developers, and law enforcement—to create solutions that reduce the financial incentives for device theft.

Te GSMA is working on leveraging eSIM blocking capabilities

How does the GSMA work with second-hand and trade-in marketplaces to ensure stolen devices are not resold or recirculated through legitimate channels?

The GSMA plays a crucial role in safeguarding the second-hand mobile device market through its Device Check service. This service provides trade-in marketplaces and recyclers with access to the world’s largest and most accurate database of blocked devices. While the GSMA cannot compel marketplaces to use this service, we strongly recommend that device identities of devices offered for sale should be checked against the Device Registry block list as best practice across the industry. We’re already seeing a number of market leaders including Assurant, Blackbelt 360 and NSYS Group use the service.

GSMA Device Check ensures businesses can check the identities of devices they handle against the global block list, potentially preventing stolen devices from re-entering legitimate channels.

Unlike some services that might use outdated information, Device Check uses the official and definitive source of device blocklist data from the Device Registry, guaranteeing its accuracy and legitimacy. The Device Check service gathers information from over 170 companies across six continents, allowing checks against the identities of devices reported stolen in one country that subsequently appear in another market.

Industry partners hold the Device Check service in high regard. NSYS Group, which develops software solutions for mobile device diagnostics and trade-ins, regards GSMA Device Check as being essential for protecting customers and ensuring smooth transactions. Similarly, Blackbelt Smartphone Defence, which has used the service for over ten years, considers it “integral” to their business operations.

Through these partnerships, the GSMA helps build trust in the second-hand device market while also reducing the incentives for theft by making stolen devices harder to resell through legitimate channels.

To what extent does the GSMA believe eSIM and device locking technologies can play a role in reducing mobile device theft, and are you promoting these capabilities globally?

It depends what you mean by device locking. There are at least three different interpretations; restricting a device to a specific network, locking a device from accessing a network (such as via Device Registry) and remotely locking down a device so it can’t be used. 

Leveraging eSIM blocking capabilities is something that the GSMA is actively considering as something to complement the GSMA Device Registry. It is envisaged that the Device Registry could be enhanced to incorporate an eUICC identifier (EID) block list. The EID is the 32-digit unique identifier that every embedded SIM card has.

This has the potential to be hugely beneficial and make it much easier to block devices, because the reliance on operators that are reluctant to block devices is removed and they don’t need to have an equipment identity register (EIR) deployed on their networks. This could facilitate a rapid and comprehensive extension of device blocking beyond the operators and countries that have supported industry efforts to date. This isn’t to say that mobile network operators are not in control of blocking on their network, on the contrary, eSIM based blocking will make it easier for operators to adopt. It will add a level of trust, providing greater confidence in the device in question. 

Our Device Security Group is currently looking at how the EID can be leveraged to block stolen devices and this work involves specifying common requirements, specifications and usage policies to prevent the download of profiles to eSIMs that have been reported stolen.

This is something that can be done by the SM-DP+ providers or mobile network operators or a combination of both.

In summary, the idea is that we will create an EID blocklist, and then SM-DP+ providers and mobile network operators can refuse to download the profiles onto device that have been reported stolen, thus rendering those devices inoperable over networks. We expect this to be implemented in the next year. 

What mobile user education or awareness campaigns has the GSMA run (or plans to run) to help users protect their devices and personal data from theft?

As I’ve outlined earlier in this interview, our main focus at the GSMA is to help unify the mobile ecosystem behind best practice approaches and technical specifications that can help tackle device theft. Working with law enforcement agencies, our members including mobile operators, device manufacturers and the wider technology industry, are also actively working together to educate mobile users.

There’s a number of good examples, where law enforcement agencies are using “nudge psychology”, including subtle changes to the environment or the presentation of information, to influence people’s choices and behaviours around how, when and where they use their mobile devices. The City of London Police, for example, has spray painted fake blue plaques on to pavements to mark where mobile devices have been stolen, thereby increasing mobile user’s vigilance.

Device manufacturers including Apple, Samsung and Google all provide advice to their customers on their websites, on how to further protect their devices, as well as providing tools to further protect them. We recommend mobile users read up on the specific functionality that their devices support and that their mobile network operators offer.

We’ve also outlined measures that de users can take to protect themselves and their personal information from theft and how to respond if they become victims in our recent report. This includes advice on using strong PINs and passwords, biometric authentication, recording the device’s IMEI number, enabling additional security features on devices and Apps, backing up data and hiding notification content from appearing on locked screens. 

How does the GSMA measure the effectiveness of its anti-theft strategies, and are there any public reports or metrics that illustrate progress in this area?

The effectiveness of anti-theft strategies tends to be measured by law enforcement agencies and national crime agencies and how they report can differ significantly country by country. So, it’s hard to measure effectiveness at a global level. What our own data shows us, is that the annual rate of mobile device theft reported by participating network operators is about 1% of active subscribers. 

However, while this percentage has stayed the same for a number of years, we recognise that the actual number of thefts is rising as more people around the world use mobile devices.

The role of the GSMA is more around increasing adoption of technical standards, industry solutions and security recommendations. Our SG.24 ‘Anti-theft Device Feature Requirements’ document has been crucial in standardising security features across the industry over the past decade, allowing users to consistently protect their devices.

Looking ahead, we’re working on enhanced eSIM blocking capabilities, which will greatly improve our ability to make stolen devices unusable, no matter how they connect to networks. The Device Security Group is actively collaborating with operators, manufacturers, and platform providers to implement these next-generation protections.

We remain dedicated to expanding participation in these initiatives and developing more advanced anti-theft technologies that adapt to changing criminal tactics, while protecting mobile users worldwide.

CLICK TO VIEW

Share this article

More Stories
Analysis: Beyond the Interface: What WWDC 2025 reveals about Apple’s direction
Apple’s Worldwide Developers Conference (WWDC) 2025 presented a strategic direction with three overarching themes reports IDC VP Devices EMEA  Francisco Jeronimo from Cupertino  (main pic). There is a comprehensive design overhaul across all its platforms, the introduction of a new OS naming convention, and continued development of Apple Intelligence. This year’s event was not about disruptive
Analysis - Staff Reporter
June 9, 2025
Analysis – Skype to eSIMs: one door closes but another opens to Global Connectivity
Skype officially retired a month ago— a quiet ending to what was once the loudest voice in international calling.
Analysis - Staff Reporter
June 5, 2025
Gender gap continues in use of mobile internet in sub-Sahara and South Asia countries, says GSMA Report
Women are 14 per cent less likely than men to use mobile internet, and the rate of mobile internet adoption among women is slowing, according to a new report from the GSMA,  The gender gap report analyses data from 15 low- and middle-income countries (LMICs), comparing women’s mobile access and usage with that of men.
Analysis - Staff Reporter
May 14, 2025
ANALYSIS: eSIMs in laptops: why hasn’t this no-brainer taken off yet?
Despite the rapid adoption of eSIM in smartphones, laptops have yet to catch up. Hamish White, CEO of telecom software provider Mobilise, explains why laptop makers, app developers, and mobile providers are missing a golden opportunity and how smart integration could unlock massive new value.
Analysis - Staff Reporter
April 26, 2025