USB Implementers Forum has launched the USB Type-C Authentication Program. The USB Type-C Authentication specification defines cryptographic-based authentication for USB Type-C chargers and devices. It empowers host systems to protect against non-compliant USB chargers and to mitigate risks from malicious firmware/hardware in USB devices.
Thanks to this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made before inappropriate power or data can be transferred. It is a standard protocol for authenticating certified USB Type-C chargers, devices, cables, and power sources.
It also brings support for authenticating over either USB data bus or USB Power Delivery communications channels. It relies on 128-bit security for all cryptographic methods. USB-IF selected DigiCert to manage the PKI and certificate authority services for the USB Type-C Authentication Program.
Jeff Ravencraft, USB-IF President, and COO said:
USB-IF is excited to launch the USB Type-C Authentication Program, providing OEMs with the flexibility to implement a security framework that best fits their specific product requirements. As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices.
Geoffrey Noakes, Vice President, IoT Business Development at DigiCert said:
DigiCert is excited to work with USB-IF and its CA Program Participants from the industry at large to provide the technical expertise and scale needed for the USB Type-C Authentication Program, and we look forward to implementation.