German BSI releases security requirements for smartphones: (PDF file, German)

– New smartphones and their apps must meet requirements of the European GDPR.
– Security updates are mandatory for 5 years after initial release of the phone.
– Full-disk encryption is mandatory.
– FIDO2 support is listed as an advanced requirement.

Doubt that as this is a German federal institution for information security. What counts probably is the EU. And there money and lobbying rules.

Prove me wrong! 🤞

Sign in to participate in the conversation – a Fediverse instance for & by the Chaos community