The Google Pixel 3 features the new Titan M enterprise-grade security chip designed specifically for the smartphone model. Google went into some details about the security chip today, explaining that it borrowed some of the best features from its Titan chip, which is used for Google Cloud data centers. The Titan M is made for mobile, though, working to provide on-device OS and data protection.
Google introduced a tamper-resistant, dedicated hardware security module with its previous Pixel 2 smartphone, building upon that in the Pixel 3 with its Titan M. According to the company, Titan M is involved in the Verified Boot process to help secure the smartphone from external tampering.
As well, the security chip works to verify the lock screen passcode, limiting the number of available attempts and working to keep intruders out of the device. Titan M boasts completely independent computation alongside secured flash to further resist tampering.
Titan M likewise brings Protected Confirmation on Android 9, which is an API designed for protecting “the most security-critical operations,” according to Google. In this version of Android, developers can have their apps utilize StrongBox KeyStore APIs for generating and storing these private keys in Titan M. Google says that utilizing these APIs can help make sure that it is the user and not something else confirming a mobile transaction.
Wrapping up its details, Google also says that it created Titan M with “insider attack resistance,” namely the chip’s firmware can’t be updated without the device’s passcode. Thanks to this, hackers, law enforcement, and other potential snoops will not be able to skip the lock screen and then change the chip’s firmware for access.
SOURCE: Google Blog