The Future Mobile Security
4 likes•2,063 views
Qualcomm Technologies offers a multidimensional mobile security solution designed to protect users and enhance the integrity of mobile devices, featuring secure boot, trusted execution environments, and cryptographic accelerators. The solution aims to deter unauthorized access through innovative security measures like fingerprint, voiceprint, and iris recognition for authentication. Additionally, it addresses theft prevention through features like a kill switch, acknowledging the high incidence of mobile device-related crimes.
The Future Mobile Security
- 1. 1©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.
- 2. The future of mobile security Asaf Ashkenazi Director, Product Management Qualcomm Technologies, Inc.
- 3. 3©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Qualcomm® Security Solutions Qualcomm Security Solutions and Qualcomm SecureMSM are products of Qualcomm Technologies, Inc. Qualcomm Technologies offers a multidimensional security solution that is designed to help: • Protect mobile device users and the security and integrity of their mobile devices • Make device security easier • Enable access to content with strict copyright protection Qualcomm® SecureMSM™ Technology AuthenticationEnterprise Theft Deterrence Content Protection
- 4. 4©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. SecureMSM
- 5. 5©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Secure MSM SecureMSM - Security designed to go deep Secure boot • A secure system foundation consists of the hardware platform and the code that executes on that platform. Unauthorized modification of that code can lead to a breach of the security system. In order to deter unauthorized modification or replacement of the system stored code, SecureMSM incorporates secure boot. • Qualcomm Technologies’ secure boot is an on-chip tamper resistant ROM based boot-up process that verifies the authenticity and integrity of critical code and data stored in flash memory. • Qualcomm Technologies’ secure boot process gains control of the system immediately after reset by executing a known code resident in on-chip ROM. This code is the system’s root of trust that authenticates the code used by the device. <code>
- 6. 6©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. SecureMSM - Security designed to go deep Trusted execution environment • Protect the device’s most valuable assets from malware. • Qualcomm® Secure Execution Environment, using ARM’s TrustZone technology, is a controlled and separated environment that allows trusted execution of code. • This code is executed outside of the device operating system. QTI’s Secure Execution Environment is designed to reduce the damage of viruses, Trojans and rootkits. • Hardware access control to block malware access to critical devices such as touchscreen, camera and fingerprint reader. Secure MSM BANKING APP LOGIN PASSWORD [email protected] ********* Qualcomm Secure Execution Environment is a product of Qualcomm Technologies, Inc.
- 7. 7©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. SecureMSM - Security designed to go deep Cryptographic accelerators • Hardware data encryption, to enhance the performance and security of cryptographic operations. • High-speed cryptographic accelerators, capable of handling multi-data channels while maintaining context separations. • Connects to 256-bit secure hardware key that cannot be accessed by software running on the device and can only be used by the cryptographic accelerator. • An essential part of the device’s security, performance and power efficiency. ζ# Secure MSM Hello World CPU
- 8. 8©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Authentication
- 9. 9©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Your device – your identity PASS. BYOD ?
- 10. 10©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. • Fingerprint − Sensor on device that captures user’s fingerprint designed to provide added level of security • Voiceprint − Integrated audio solutions with hardware recognize individual voice patterns • Iris − Computer vision technology sophisticated enough to identify unique attributes of users eyes • Secure PIN & Anti-Phishing − Secure UI-based PIN authentication Authentication solutions A C E B D F
- 11. 11©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. • Secure location − Supplemental information to authentication from the hardware to help prevent tampering • Secure time − Tying time periods to device infrastructure that help authenticate users more securely Secure location and context
- 12. 12©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Your Device – Your Identity User Experience Multi Authenticators Attestation Privacy
- 13. 13©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Theft prevention
- 14. 14©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. The FCC: “Epidemic of robberies involving smartphones” 1Source: the Office of the New York State Attorney General, SECURE OUR SMARTPHONES INITIATIVE 2Source: London Metropolitan Police 3Source: FCC, http://www.fcc.gov/document/announcement-new-initiatives-combat-smartphone-and-data-theft More than 40% of all robberies in New York City involve smartphones and other cell phones3 In 2013, nearly half (49%) of London robberies involved a mobile device2 Other major cities have similar statistics, with robberies involving cell phones comprising 30-40% of all robberies3 Robberies are, by definition, violent crimes, and there are many instances of robberies targeting cell phones resulting in serious injury or even death3 In 2013, thieves stole an estimated 3.1 million mobile devices in the United States1
- 15. 15©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Kill Switch components Device Device Lock Control Kill switch Backend Database Lock/unlock
- 16. 16©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Concern #1: Fraudulent kill command Device Device Lock Control Kill switch Backend Database Locked
- 17. 17©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Concern #2: Factory reset / re-flash attack Locked Unlocked Factory Reset PhoneStolen phone Phone Unlock Tool
- 18. 18©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Qualcomm Technologies, Inc. kill switch client* Built on top of SecureMSM Kill switch Guardian Device Kill Function Authentication Engine Lock Unlock Kill switch Backend Database Inside the device
- 19. 19©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. For more information on Qualcomm, visit us at: www.qualcomm.com & www.qualcomm.com/blog ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Qualcomm and SecureMSM are trademarks of Qualcomm Incorporated, registered in the United States and other countries. Uplinq is a trademark of Qualcomm Incorporated. All Qualcomm Incorporated trademarks are used with permission. Other products and brand names may be trademarks or registered trademarks of their respective owners. References in this presentation to “Qualcomm” may mean Qualcomm Incorporated, Qualcomm Technologies, Inc., and/or other subsidiaries or business units within the Qualcomm corporate structure, as applicable. Qualcomm Incorporated includes Qualcomm’s licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm’s engineering, research and development functions, and substantially all of its product and services businesses, including its semiconductor business, QCT. Thank you FOLLOW US ON: