Thursday, 05/28/2020 6:19:33 PM
Is Samsung’s New Data Security Chip a Game Changer?

https://www.cisomag.com/samsung-data-security-chip/

Samsung Electronics, known for its advancements in various turnkey technologies, has now introduced a standalone security solution comprised of a Secure Element (SE) chip (S3FV9RR) that is managed by enhanced security software. This security chip from Samsung offers a secure gateway to perform tasks such as booting, isolated storage, mobile payments, and other applications. Samsung first introduced a SE-chip (S3K250AF) in its S20 device, which had a Common Criteria Evaluation Assurance Level (CC EAL) of 5+. However, with the SE-chip (S3FV9RR), Samsung has taken its own security standards a notch higher as it has achieved a CC EAL certification of 6+, the highest level acquired by a mobile component.


With the new standalone security element solution (S3FV9RR), Samsung is now enabling smart devices to safeguard user’s private information.

Samsung’s Data Security Chip – A Game Changer

The EAL ranking is given by Common Criteria, an organization that certifies the security level of IT products from EAL0 to EAL7, with seven being the most secure. Thus, the CC EAL certification of 6+ is deemed as a game-changer because it is utilized in applications that demand the most stringent security requirements in the market such as high-end smartphones, e-passports, and hardware wallets for cryptocurrency.

This new data security chip also supports the following:
•The hardware-based root of trust (RoT)
•Secure boot, and
•Secure device authentication


While running applications on a mobile device, a boot loader initiates a chain of trust, i.e. all the firmware with approved keys is validated sequentially. This boot process is carried out by the RoT, which guards the device against any possible malicious threats and unauthorized software updates.

Dongho Shin, Senior Vice President of System LSI marketing at Samsung Electronics, said, “In this era of mobility and contact-less interactions, we expect our connected devices, such as smartphones or tablets, to be highly secure so as to protect personal data and enable fintech activities such as mobile banking, stock trading, and cryptocurrency transactions. With the new standalone security element solution (S3FV9RR), Samsung is enabling smart devices to safeguard private information.”

This is not the first attempt at hardware-based security; security chips were introduced earlier.

Google’s Titan M Security Chip

Google’s Titan M is an enterprise-grade security chip custom-built for Google’s smartphone brand, Pixel. This chip secures the most sensitive on-device data and operating system. Titan M helps the bootloader (the program that validates and loads Android when the phone turns on) make sure that the latest Android version is loaded. It stores the last known safe Android version and restricts attackers from moving to an older and potentially vulnerable Android version on the device. Titan M also prevents attackers’ attempts to unlock the bootloader.

The other salient features of Titan M are:
•Lock screen and On-Device Disk Encryption protection
•Secure Third-Party App Transactions
•Insider Attack Resistance

In 2019, Google announced a $1.5 Mn bug bounty reward for cracking Pixel’s Titan M secure element chip. The reward amount though is at the discretion of the rewards committee and depends on several factors.

Trusted Platform Module

In 2009, a computer industry consortium called Trusted Computing Group created a specification for Trusted Platform Module (TPM). TPM, also known as ISO/IEC 11889, is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. A TPM chip has a unique RSA key burned in and a computer program can use a TPM to authenticate hardware devices. In this way hardware-level security complements software-based security, further strengthening the security of the system.

Any application can use a TPM chip for:
•Digital rights management
•Protection and enforcement of software licenses
•Prevention of cheating in online games
==================================================================
It's intriguing that Samsung produces a 'security chip' for its phones that does interesting things, and Wave signed an agreement with Samsung for the use of its security software with TPMs (hardware security chips).

As organizations replace their Samsung fleets, the older phones need to be secured, and this could be done with the TPM/TEE and software from Wave!!! Please see the ARM link and Samsung link to see how Wave could help tremendously in this mobile ecosystem!!!
==================================================================
Wave Joins ARM TrustZone Ready Program

Committed to Helping Chip Manufacturers Implement Industry Standard Security for Mobile Platforms

https://www.wavesys.com/buzz/pr/wave-joins-arm-trustzone-ready-program

Lee, MA - September 26, 2012 -

Wave Systems Corp. (NASDAQ:WAVX) today announced that it has joined the ARM TrustZone® Ready Enablement Program to provide support and infrastructure for implementing enterprise security capabilities in mobile devices. As a partner in the program, Wave joins other industry leaders in helping chip manufacturers design and implement new industry standard security capabilities within ARM’s TrustZone architecture to enable full cross-platform interoperability across PCs, tablets, smartphones and other mobile devices.

TrustZone Technology (developed by ARM, the world’s leading semiconductor IP supplier) is a System-on-Chip security concept that involves a hardware-isolated space for a Trusted Execution Environment (TEE). Once integrated, core security services such as cryptography, storage and user interfaces can enable services to be deployed with a new level of security and convenience.

The primary goal of ARM's TrustZone Ready enablement program is to guide chip and device manufacturers to design robust, industry-certified security architecture into their products that will meet the needs of service providers looking to deploy secure services on secured platforms. Companies that implement system-wide security into their platforms can benefit from this program through a cohesive set of design blueprints, market requirements, and checklists aligned with industry standards.

“Smart phones, tablets and other devices are essential for today’s enterprise, and require access to sensitive applications and data. While these devices have excellent security for the mobile operator’s services, they lack basic security for use within an enterprise network,” commented Steven Sprague, Wave’s CEO. “ARM, with the TrustZone Ready Program, is taking the lead in making sure that standards-based security implemented in the TrustZone Trusted Execution Environment (TEE) is integrated into chipsets for mobile devices. Wave is committed to sharing its expertise in Trusted Platform Module (TPM) implementations, application development and trust infrastructure support.”

“Wave’s infrastructure for managing TPM and TPM-mobile-enabled devices will allow enterprise users to exploit the full capabilities of Trusted Computing Group standards across multiple device types,” added Jon Geater, Director of Technology for ARM Secure Services Division and Board Representative of ARM at GlobalPlatform. “ARM welcomes Wave into the TrustZone Ready Program as a valuable partner that will bring secure enterprise services to TrustZone secured devices running GlobalPlatform Trusted Execution Environments.”

Eliminating Passwords, Providing Health Measurements for Mobile Devices

The TPM, shipped on more than half a billion PCs, is a cryptographic component built on specifications from the Trusted Computing Group. The TPM brings strong, enterprise-grade security features to consumer devices that are widely deployed in enterprise networks. The TPM for mobile devices is uniquely designed to support the security needs of multiple stakeholders, allowing enterprises to provide strong security in end-user applications, satisfy the security requirements of third-party application developers, and support other parties.

With a TPM Mobile implemented within the hardware-based security boundaries of ARM’s TrustZone and protected by a full function Trusted Execution Environment, enterprises will be able to take advantage of the strong security of the TPM in the following ways:
• Protect corporate devices and user identities
• Measure and attest to the integrity and health of the mobile device
• Implement secure network access
• Provide secure messaging for corporate traffic
• Reduce the need for user passwords, with reliance on the device itself as a strong authentication token for access to services and data, including cloud-based functions.
• Offer central control over devices which are lost or stolen to protect sensitive data

Increased emphasis on trusted computing is driving the security industry toward hardware-based technologies that offer improved access control, encryption, and the early detection of malware. With Wave’s industry-leading trusted computing solutions, customers are empowered to secure endpoint data, protect data-in-motion and ensure that only trusted devices gain access to the enterprise network. Wave’s solution will provide enterprises with cross-platform interoperability between PCs and mobile devices for trusted computing-based functions and applications.
=================================================================
Wave Systems Signs 15-year License Agreement with Samsung

https://www.wavesys.com/buzz/news/wave-systems-signs-15-year-license-agreement-samsung
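As an added illustration (not code from CISO MAG, Samsung, Google, Wave, or the poster), the Python below models the chain of trust described in the Samsung and Titan M passages: a root of trust verifies each boot stage in order, refuses a stage whose version is older than the stored floor (the anti-rollback behaviour attributed to Titan M), and extends a PCR-style measurement register that a verifier can later check, which is what the Wave release's "measure and attest to the integrity and health of the mobile device" bullet refers to. HMAC-SHA256 with a constructed key stands in for the chip's asymmetric signature check so the example runs on the standard library alone; the verifier-side `verify_quote` therefore shares that key, whereas a real verifier would hold only a public key. All keys, image bytes, version numbers and names are constructed.

```python
"""Model of a hardware root of trust verifying a boot chain (added example)."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Constructed key. In a real secure element the signing key never leaves the chip.
ROOT_KEY = b"constructed-root-key-not-a-real-secret"


@dataclass(frozen=True)
class Stage:
    """One link in the boot chain: bootloader, kernel, OS image, ..."""
    name: str
    version: int
    image: bytes
    tag: bytes  # stand-in for the vendor's signature over (name, version, image)


class SignatureError(Exception):
    pass


class RollbackError(Exception):
    pass


def _payload(name: str, version: int, image: bytes) -> bytes:
    # Bind name and version into the signed data so a valid tag for one stage
    # cannot be replayed for a different stage or an older version of it.
    return name.encode() + version.to_bytes(4, "big") + image


def sign_stage(name: str, version: int, image: bytes, key: bytes = ROOT_KEY) -> Stage:
    """Vendor side (constructed): tag a stage. HMAC stands in for RSA/ECDSA signing."""
    tag = hmac.new(key, _payload(name, version, image), hashlib.sha256).digest()
    return Stage(name, version, image, tag)


class RootOfTrust:
    """Models the secure element: verifies stages, refuses rollback, records measurements."""

    def __init__(self, key: bytes = ROOT_KEY, min_versions: Optional[Dict[str, int]] = None):
        self._key = key
        # Per-stage anti-rollback floor (the "last known safe version" Titan M keeps).
        self.min_versions: Dict[str, int] = dict(min_versions or {})
        # PCR-style measurement register, zeroed at reset.
        self.measurement = bytes(32)
        self.booted: List[str] = []

    def _verify(self, stage: Stage) -> None:
        expected = hmac.new(self._key, _payload(stage.name, stage.version, stage.image),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, stage.tag):
            raise SignatureError(f"{stage.name}: signature check failed")
        floor = self.min_versions.get(stage.name, 0)
        if stage.version < floor:
            raise RollbackError(f"{stage.name}: v{stage.version} is older than floor v{floor}")

    def _extend(self, image: bytes) -> None:
        # PCR extend: new = SHA256(old || SHA256(image)); stage order is part of the result.
        self.measurement = hashlib.sha256(
            self.measurement + hashlib.sha256(image).digest()).digest()

    def boot(self, chain: Iterable[Stage]) -> bytes:
        """Verify stages sequentially; the first failure halts boot before later stages run."""
        for stage in chain:
            self._verify(stage)
            self._extend(stage.image)
            self.min_versions[stage.name] = stage.version  # ratchet the floor forward
            self.booted.append(stage.name)
        return self.measurement

    def quote(self, nonce: bytes) -> bytes:
        """Attestation quote: keyed MAC over nonce || measurement for a remote verifier."""
        return hmac.new(self._key, nonce + self.measurement, hashlib.sha256).digest()


def expected_measurement(images: Iterable[bytes]) -> bytes:
    """Verifier side: the golden value a correctly booted device must report."""
    acc = bytes(32)
    for image in images:
        acc = hashlib.sha256(acc + hashlib.sha256(image).digest()).digest()
    return acc


def verify_quote(quote: bytes, nonce: bytes, golden: bytes, key: bytes = ROOT_KEY) -> bool:
    """Check a quote against the golden measurement (shared key is a stand-in, see lead-in)."""
    return hmac.compare_digest(quote, hmac.new(key, nonce + golden, hashlib.sha256).digest())


if __name__ == "__main__":
    images = [b"bootloader-v2", b"kernel-v7", b"os-v12"]  # constructed images
    chain = [sign_stage("bootloader", 2, images[0]),
             sign_stage("kernel", 7, images[1]),
             sign_stage("os", 12, images[2])]
    device = RootOfTrust()
    measured = device.boot(chain)
    print("boot ok:", measured == expected_measurement(images), device.booted)
    nonce = b"constructed-nonce"
    print("attestation ok:", verify_quote(device.quote(nonce), nonce, expected_measurement(images)))
```

Two behaviours are worth noticing when running it: a stage whose image bytes were altered after signing fails at `_verify` and nothing after it in the chain is booted, and a device whose floor for `kernel` has already been ratcheted to 7 refuses a correctly signed version 6 image, which is the rollback case the Titan M passage describes. A partial or tampered boot also yields a measurement that does not match the golden value, so its quote fails verification.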