Securing Mobile Devices with Advanced Hardware Technology
Though highly advanced in some of the aspects, mobile software protection is nearing its limit. Because this form of security is based on a software protecting another software, it somehow fails to be as reliable as hardware-backed protection. Though risk management teams try to deploy such technologies, due to their limited user access capabilities, application developers always work hard to offer flexible solutions and harness true hardware-based security.
A widely adopted solution to thwart these challenges is the Trusted Execution Environment (TEE) that offers hardware-based mobile security without increasing a device's bill of materials. Standardized by GlobalPlatform—a non-profit organization that creates and publishes secure chip technology specifications—the TEE is a secure area of the main processor where mobile applications can seamlessly run. This technology is being used extensively across enterprises such the ones in fintech spaces. Providing hardware isolation from operating systems such as Android that protect applications’ code, logic and data, the TEE is an operating environment that exists on the main application processor of a device. Even on compromised devices, TEE provides enhanced application protection.
Unlike other discrete hardware-secured environments, applications running in the TEE can access a device's computing power and memory. In addition, it prevents malware from stealing credentials or mimicking user interaction by enabling only privileged access to peripherals like touch-screen or fingerprint sensors. Leading organizations across the globe have developed innovative tools to enable the seamless development of applications targeted at TEE. Moreover, rather than redeveloping a complete mobile application, isolating the sensitive components into a separate trusted application that works within TEE makes it faster and better.
By Tom Farrah, CIO & SVP, Dr Pepper Snapple Group
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Phil Jordan, CIO, Telefonica
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Dennis Hodges, CIO, Inteva Products
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sven Gerjets, SVP-IT, DIRECTV
By Marie Blake, EVP & CCO, BankUnited
By Lowell Gilvin, Chief Process Officer, Jabil
By Walter Carvalho, VP & Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Marc Jones, Distinguished Engineer, IBM Cloud Infrastructure