Counterfeit mobile devices - the duck test

A well-known proverb says “If it looks like a duck, walks like a duck and quacks like a duck, it is a duck”. This statement suggests an interesting approach to identifying counterfeit mobile devices. If we substitute a device for the “duck” and map the proverb to the following characteristics of a device, we can use the proverb to help determine whether a device is counterfeit:

1) Looks like a duck: user interface
2) Walks like a duck: safety, compliance and physical testing
3) Quacks like a duck: OS and pre-installed applications

This paper looks at how these characteristics can identify a counterfeit device. The paper starts by identifying these characteristics, and then determines how and where counterfeit devices deviate in their representation of the characteristics from the legitimate norm, as identified by official device and software manufacturers. The paper also explores the risks associated with purchasing counterfeit or substandard mobile devices, suppositions on why and how those risks are exploited by illegitimate device manufacturers, and mitigations for reducing or removing the availability of illegitimate devices.

In particular, this paper will:

- Provide background information on the sourcing of the counterfeit and substandard devices.
- Discuss the software extraction technologies used as well as the malware scanning and analysis tests performed.
- Discuss the tests performed by the Microsoft Mobile Operations Product Safety team on the devices' hardware.
- Analyze and report on the results of the testing performed, specifically the risks posed to end users by these devices.
- Finish with a discussion of some mitigations and steps that could be taken to minimize the risks counterfeit phones pose to end users.