Google Titan M chip for Pixel 3 offers bootloader security, lock screen protection and on-device disk encryption

Google with this year’s Pixel 3 is advancing the level of security it offers for its users. It introduced a new Titan M which is an enterprise-grade security chip custom built for Pixel 3 to secure your most sensitive on-device data and operating system. Google says that it took the best features from the Titan chip used in Google Cloud data centers and tailored it for mobile.

To protect Android from outside tampering, Google has integrated the Titan M into Verified Boot. Titan M helps the bootloader to make sure that you’re running the right version of Android. Specifically, Titan M stores the last known safe Android version and prevents “bad actors” from moving your device back to run on an older, potentially vulnerable, version of Android behind your back. Titan M also prevents attackers from attempting to unlock the bootloader.

Pixel 3 also uses Titan M to verify your lock screen passcode. It makes the process of guessing multiple password combinations harder by limiting the number of login attempts. Only upon successful verification of your passcode will Titan M allow for decryption. Additionally, the secure flash and fully independent computation of Titan M makes it harder for an attacker to tamper to gain the secrets to decrypt your data.

Titan M is also used to protect third-party apps and secure sensitive transactions. With Android 9, apps can now take advantage of StrongBox KeyStore APIs to generate and store their private keys in Titan M. It is built with insider attack resistance. The firmware on Titan M will never be updated unless you have entered your passcode, meaning bad actors cannot bypass your lock screen to update the firmware to a malicious version.

Source


Related Post