The concept of a virtual mobile device isn’t new. Now may be the time to revive that idea to keep phones from revealing data they shouldn’t. The idea for such capabilities goes back to before 2011 when it was announced that Verizon and VMware were working on “Dual Identity Smartphones.” This was one of the BIG things discussed in the EUC space during that VMworld. Now it may be worth reconsideration.
![Copilot. (2026). Ghostly spirits escaping a collapsing smartphone interface in Soviet-style propaganda illustration [AI-generated image]. Microsoft Copilot.](https://i0.wp.com/www.wondernerd.net/wp-content/uploads/2026/01/DualPersonalityPhone_v5.png?ssl=1)
Having phones with multiple, or seemingly multiple personalities could be beneficial. Not necessarily from a technology standpoint, as the concept is over 15 years old. Instead the benefits come from security and political concerns that are now more prevalent than they were when this concept was first developed.
Burner Devices
It is a common practice for business people traveling to certain countries to receive a ‘burner’ phone and laptop with minimal access to corporate assets. The list of countries where this applies has grown in the last couple of years, increasing the need for security at organizations and for individuals. Typically when folks return these ‘burner’ devices, they are wiped and ‘hopefully’ destroyed. This is to ensure any possible surveillance systems that ‘accidentally’ got installed on them while out and about are mitigated. The idea being that it may not be possible to tell if the device was tampered with, so let’s not take any chances.
This technology would also make phone upgrades/replacement so much easier. Because the phone is now a VM, the underlying hardware could be replaced with minimal disruption enabling a consistent user experience. Additionally, if for some reason the mobile device was lost or stolen, the information is not compromised. It could be recovered from the safety of a data center. Not to mention all the program isolation and sandboxing that could be done. It brings so many benefits to users and organizations alike.
An Example
Let’s look at an example of this, you fly to a country that surveilles foreigners entering the country (pick your country, I can think of 3 without even trying). As you go through security to entry one of these countries, your electronic devices are inspected. The security detail powers up your laptop and has you login, they poke around. They have you unlock your mobile device and do the same, inspecting and downloading any data resident on the device they wish (see ‘advanced search’).
![Copilot. (2026). Sinister officer inspecting smartphones in Soviet-style propaganda illustration [AI-generated image]. Microsoft Copilot.](https://i0.wp.com/www.wondernerd.net/wp-content/uploads/2026/01/Soviet-era-propagand-Phone-Inspection_v5.png?ssl=1)
They clear you and you move on with your day. Only ever since your phone hasn’t been the same. The ‘security’ team ‘infected’ your mobile device with something. Spyware, malware, tracking, worms, who knows what. The same with your laptop. If you refuse to allow an ‘inspection’ of these devices you might be detained or refused entry. This is the reason for burner devices.
This is also why VDI is so important for corporate users. Your files and materials are all safely locked away in your country of origin and not present on the device. There is nothing for all that malicious software or prying eyes to see. Only right now, this isn’t entirely true for mobile devices like cell phones. And arguably, they are becoming more important in protection strategies. They have become the life blood for many and contain as much if not more important information (think contacts, appointments, and text messages) than a laptop.
Time to Revive Virtual Mobile Devices?
For these and many other reasons, I feel the idea of virtual mobile devices might be worth reviving. I started thinking about this and outlined this blog post as I was flying back from VMware Explore 2025, where I’d heard stories from several who came for the conference regarding their journey through United States Customs. Needless to say, I found it disturbing.
There are ways to deliver applications to users mobile devices for organizations where IT can geofence the applications so they uninstall or wont run or contain data in certain areas. This is good for some business applications. But…
As I sat on my flight back from VMware Explore I see some scenarios where it maybe more appropriate to have a full virtual mobile device, so things aren’t cached. With reports of USCB demanding full reviews of travelers mobile devices it might be better to have a fully separate virtual mobile device, that way when you land you disconnect from your virtual mobile device, and there is nothing to see.
What a Virtual Mobile Device (VMD) Looks Like
You might wonder what the technical design of a VMD would look like. Let’s break it down really quickly. There are a couple of ways to deliver them, one is to use an ARM emulator on an x86 platform, the other is to have a cluster of ARM servers capable of delivering a native mobile OS using virtualization technologies. These would of course be virtual machines and could easily be deployed in a number of different configurations including something like Omnissa’s Instant Clone technology. Where the mobile user environment is rebuilt each time from a base image. Or it could be a static VMD where it exsists as a persistent image.
Then, the user just connects to their VMD from their phone when needed and they disconnect prior to entering locations subject to inspection. This would be handled using a broker like, Omnissa Horizon. The result being, a separated mobile device experience.
Other VDM Considerations
There are also a few other things to consider with this. What about SIMs, phone calls, cameras, and other functions of most modern mobile devices. The SIM can be addressed in one of two ways, a virtual SIM or it can be linked back to a hardware SIM in the data center where the VMD resides. Everything else could easily be passed through.
Additionally, things like facial recognition could continue to work seamlessly by creating a two way trust and key-chain pairs between the mobile device and VDM. The recognition system functions similarly to how it works now, only the trust is first established with the VDM, and the VDM then establishes the trust with the application.
(At this point you’ve probably figured out, that at least for the time being, this would preclude IOS based VMDs. This is mainly due to licensing restrictions.)
ARM Hosts
You might also be thinking that ARM isn’t available on any mainstream virtualization platforms. That’s not entirely true. At VMware Explore this last year there was a session on delivering ARM VMs through VMware VCF. You can watch it here: VMware Cloud Foundation on Arm: Where We Are and Where We’re Headed [CLOP1126LV]
If a vendor would bring together all the work from the past, they could create a powerful sandbox where all (application, data, etc.) remains in a sovereign data center and make a mint. And if done well they could commercialize it. Imagine you no longer need to fear losing your phone and all the pictures on it, or someone stealing it.
You might be thinking apps can just be delivered using existing methods with similar outcomes. Just think about how long it takes to restore everything following a reset of your phone. There are a lot of ways to deliver the individual apps, we could make it simpler by delivering the whole mobile environment.
It Just Makes Sense
A “burner phone” that maintains a consistent user experience might be overkill for some. However, with unlimited data, minimal dead spots, and the fact that most mobile devices first purpose is no longer phone calls (when was the last time you heard someone asking “can you hear me…”), isolating data operations using VDMs just makes sense.
This would also mean the data that organizations (or individuals) do not want disclosed to governments or others for whatever reason could be safely disassociated from the mobile device. Completely severed, because there is technically nothing kept on the device.
If this became wide spread, it would become almost pointless for bad actors to request a review of a mobile device. The data is out of their grasp kept safe in a data center, and only streamed to and from the mobile device.
Furthermore, organizations could establish geofences around known areas of device intrusion where it is not possible to connect to VMDs. This ensures that private data remains private and privileged. It also forces bad actors (nation state or otherwise) to show more respect to the privacy of individuals. It could still be possible to use the mobile device to make phone calls if needed, just not opening the kimono wide enough to see all the private data.
Plus, when someone returns from a country with such surveillance on visitors, the end user can dispose of their “burner” devices with minimal disruption, without revealing their data. The old is new again!
![Copilot. (2026). Joyful crowd discarding smartphone into flaming trash can in Soviet-style propaganda illustration [AI-generated image]. Microsoft Copilot.](https://i0.wp.com/www.wondernerd.net/wp-content/uploads/2026/01/Soviet-era-propagand_Phone_In_Bin.png?ssl=1)
