Tuesday, December 18, 2012

Trustonic: a way for mobile apps to benefit from ARM's hardware-level security

[![Image](http://www.blogcdn.com/www.engadget.com/media/2012/12/trustonic-lead.jpg) ](http://www.engadget.com/2012/12/18/trustonic-mobile-security/)

This here narrative begins back in April, when [ARM](http://www.engadget.com/tag/arm), [Giesecke & Devrient](http://www.engadget.com/tag/Giesecke+Devrient/) and [Gemalto](http://www.engadget.com/tag/Gemalto/) teamed up and gave themselves precisely nine months in which to find the perfect brand name for their newly merged [mobile security platform](http://www.engadget.com/2012/04/03/arm-seeks-better-security-for-connected-devices-teams-up-gemalt/). Today, we're looking at the fruits of their efforts: Trustonic; a word which snappily captures the essence of what's at stake (_trust_-onic) and which you may soon encounter in connection with your next-gen smartphone, Mastercard payment app or 20th Century Fox DRM'd media.

What does Trustonic do, exactly? Pretty much what Mobicore already does in the [Galaxy S III](http://www.engadget.com/2012/05/25/samsung-galaxy-s-iii-review/), or what [Trusted Foundation](http://www.engadget.com/2011/07/05/netflix-for-android-gets-first-hd-streaming-certification-texas/) does inside an [Tegra-powered tablet](http://www.engadget.com/2012/06/28/nexus-7-review/): it allows certain pieces of software to tap into hardware-level encryption and authentication, courtesy of the [TrustZone](http://www.engadget.com/2007/10/15/intel-teams-up-with-arm-to-make-pdas-mobiles-uber-secure/) silicon that many ARM chips already contain, thereby removing many of the risks associated with malware and other intrusions within the mobile OS. As far as we understand it, the key difference with Trustonic is that it won't require direct input from OEMs like Samsung and NVIDIA, but will instead be more readily accessible to any banking, payment or DRM service that is willing to pay for a key. In return, the service would get enhanced security and faster logins for its users, who'd only need to enter a short, locally-verified PIN rather than wading through cloud-based steps to prove their identity. Indeed, perhaps that's where the tonic comes into it.

[Continue reading _Trustonic: a way for mobile apps to benefit from ARM's hardware-level security_](http://www.engadget.com/2012/12/18/trustonic-mobile-security/)

Filed under: [Cellphones](http://www.engadget.com/category/cellphones/), [Tablets](http://www.engadget.com/category/tablets/), [Mobile](http://www.engadget.com/category/mobile/)

**[Comments](http://www.engadget.com/2012/12/18/trustonic-mobile-security/#comments)**

URL: http://www.engadget.com/2012/12/18/trustonic-mobile-security/

No comments:

Post a Comment