Today millions of new smart devices include the most advanced state-of-the-art security standards. Every app and service provider should fully exploit the embedded protections delivered by the latest generation hardware. In today’s mobile market safety, whether that means protection of your identity, your data, your messaging, or your transactions, is on the list of top features that influence the consumer on their mobile phone choices.
There is a strong transition from security being an afterthought to security being built-in. Built in security delivers safer phones, a core desire for the consumer. Safety as a feature will influence buyers in their decisions and entice users to upgrade earlier. Built-in security technology provides consumers with a higher quality experience and better value in the services offered. Buyers of technology know that not every device is going to be the same and competition will drive the safety market. For years mobile users have upgraded for better resolution, improved camera functionality, significant memory upgrades, improved touch screens, greatly enhanced audio, and even new and improved case designs or colors. The time is now for consumers to upgrade for better safety.
It is time to take safety seriously
In years past mobile users have felt that safety and security, whether simple passcodes or more advance biometrics or multi-factor security protocols, slows down access. In enterprise level deployments of mobile technology, it is the oft annoying and cumbersome standards deployed by IT that make user experiences terrible and forces these users to look for shortcuts to bypass the process (and thus exposing that mobile access to the dreaded breach).
The latest generation of mobile technology will greatly improve the user experience and make daily life more manageable. Safety will be the new standard but not succumb the reluctant user to a series of dreaded steps that forces them to look for shortcuts. The technologies that will deliver this today include:
TEE (Trusted Execution Environment Embedded Technology)
TEE provides the tools for every app to have secure isolated execution of authentication, authorizations, encryption, and messaging. It prevents malware from stealing the keys that define the user’s identity. Latest generation mobile phones support Global Platform TEE, Trustonic, and/or other proprietary TEE environments. Rivetz is working to simplify developer’s integration of TEE and give users the information they need to make the right choices. TEE is at the heart of modernizing the safety in devices separating the really sensitive data and process from the flexibility and extendibility of the operating system. TEE provides the model for strong certification and validation of the safety that provides the users with the confidence the solutions achieve the protections they assure.
TUI (Trusted User Interface)
TUI provides embedded protection for the entry of a user PIN number to lock an identity key to a specific user. This technology prevents misuse of the user’s credentials in the event that a phone is either compromised, loaned out, or even stolen. TUI is available today on select Samsung phones and is on the product roadmap for many others handset providers. Smartphone buyers today should make this a requirement on their mobile features checklist. This is by far the best cyber identity solution readily available in a device today. Intel is supporting a similar feature in their Ultra-books but, in current form, has limited interfaces.
Secure Display is another feature of TUI that ensures what is displayed on the screen actually came from the app and is not compromised by malware. It assures that what you see on screen is the actual message/content that will be safely delivered. This is ideal for private messaging, payments, and identity management.
This is the best marketing feature on a phone because you can actually touch it and see it work! There is still much work to be done in biometrics to deliver on the promise of true safety. In today’s environment a Trusted User Interface secure PIN is far stronger but in time biometrics will catch up. Features like hardware matching, Secure Sensor path, and liveness detection will continue to evolve over next generation devices. The same will be true for facial recognition where a camera in the device will be required to assure the images came from the sender and not compromised by malware.
NFC (Near Field Communication) and BLE (Bluetooth Low Energy)
While technically speaking not a security technology per se NFC and BLE both can be used for the delivery of data and credentials over a short distance. Providing the user with a simple physical representation of the safety that smart devices can deliver. Simple identity can be more private, personal data can be protected, Real identity can be assured, and secure sharing is possible. Secure devices are not only holders of secure data but also the receivers of that data providing protection for a full transaction. Every app should embrace simple NFC support for loyalty, identity, form fill, and SIMPLICITY. Devices that embrace NFC and BLE provide the first effective mobile Identity interface.
Not every mobile phone will have every feature illustrated above. Utilizing key aspects of some or even all these advanced safety features will fundamentally shift user’s habits. Evolution in technology does not happen overnight but the mind shift towards simplifying yet strengthening security and safety requires market leadership to not only embrace safety but drive safety and market safety.
Safety first will require everyone to participate and provide a strong market differentiator for those who lead. Manufactures need to embed the technology at the chip level. Marketers need to position and sell the safety benefits to the user. And, App developers need to fully exploit the safety made possible by this built-in technology. Users will fast learn to appreciate the result and expect nothing less. Collectively this will make the global markets safer while derailing the disruptions caused by malware.
Image credit: CC by Piers Ford