Intercede and Solacia have announced that they are to integrate their mobile security solutions on Android. The result is that Android applications will be able to execute secure transactions in a hardware protected zone. This is good news for Android as is continues to struggle with the problem of security and trust.
The solution will see Solacia’s Trusted Execution Environment (TEE) enable Intercede’s Trusted Application Management (TAM) service to give applications access to ARM TrustZone. The solution will also incorporate digital certificates from Symantec which will appeal to IT security teams.
Intercede MyTAM already available on Android
In February 2015 Intercede announced its MyTAM service to enable developers to take advantage of the TEE environments that have been built into Android chipsets for a while. What makes this announcement different is that the Solacia TEE is not being loaded as part of the factory build for consumer grade smartphones. Instead it can be installed post-factory by mobile operators and service providers.
A more interesting application is that corporate security teams can also take advantage of this to improve their control of end user devices. With so many devices now accessing corporate systems that are owned by users rather than the enterprise, this solution will appeal to large corporate IT security teams. Another group who will be interesting will be financial institutions such as banks who can now push their applications into a secure environment that is completely isolated from the rest of the Android operating sytem.
According to Richard Parris, CEO of Intercede: “This deployment heralds a new era in security for Android handsets, giving service providers a new level of control over the security features they can offer with their devices and applications. They need choice in their selection of TEE and cryptographic key provider for reasons of interoperability, policy and cost while maintaining a common management platform across mixed fleets of devices.”
The solution will be demonstrated at Mobile World Congress on the LG stand using an LG V10 smartphone.
Conclusion
Anything that tightens up Android security is to be welcomed. It is now the most prolific mobile operating system in the market and is installed on a vast range of devices. As such is it also the most prevalent mobile environment to be found inside most corporate environments.
One of the major concerns recently has been the amount of factory installed malware that is beginning to emerge. By adding in a post-factory TEE it means that any risk of compromise of devices at the factory can be overcome.
