Securing Mobile Devices with Advanced Hardware Technology

Enterprise Security Magazine | Friday, November 30, 2018

Though highly advanced in some of the aspects, mobile software protection is nearing its limit. Because this form of security is based on a software protecting another software, it somehow fails to be as reliable as hardware-backed protection. Though risk management teams try to deploy such technologies, due to their limited user access capabilities, application developers always work hard to offer flexible solutions and harness true hardware-based security.

A widely adopted solution to thwart these challenges is the Trusted Execution Environment (TEE) that offers hardware-based mobile security without increasing a device's bill of materials. Standardized by GlobalPlatform—a non-profit organization that creates and publishes secure chip technology specifications—the TEE is a secure area of the main processor where mobile applications can seamlessly run. This technology is being used extensively across enterprises such the ones in fintech spaces. Providing hardware isolation from operating systems such as Android that protect applications’ code, logic and data, the TEE is an operating environment that exists on the main application processor of a device. Even on compromised devices, TEE provides enhanced application protection.

Unlike other discrete hardware-secured environments, applications running in the TEE can access a device's computing power and memory. In addition, it prevents malware from stealing credentials or mimicking user interaction by enabling only privileged access to peripherals like touch-screen or fingerprint sensors. Leading organizations across the globe have developed innovative tools to enable the seamless development of applications targeted at TEE. Moreover, rather than redeveloping a complete mobile application, isolating the sensitive components into a separate trusted application that works within TEE makes it faster and better.

Weekly Brief