For better or worse, smartphones now rule our lives. They connect us 24/7 via text and social media, manage our finances, unlock our vehicles, turn on the lights, and even let the dog out when we’re not home. We trust our phones with access to almost every aspect of our lives and don’t ask questions.
Up until recently, it’s been a leap of faith too far to assume that all this nascent device tech is keeping our data safe and secure. But luckily for us (and our dogs), new developments in semiconductors may be just what we need to remain blissfully ignorant of how exposed we’ve really been all these years.
Securing a mobile device, one that is connected 24-7 on not only cellular networks but also Wi-Fi and Bluetooth, turns out to be no easy feat. Compared to “traditional” computers, mobile devices come with additional vulnerabilities. Some of the features specific to smartphones and other mobile devices that create additional vulnerabilities include:
• Common operating systems – all smartphones operate on one of two OS.
• User culture – mobile users are less likely to update their OS in a timely fashion and more likely to not read terms and services or check origins when installing apps.
• 24-7 connectivity – smartphones are almost always connected to some type of network, making them vulnerable at almost all times.
• Software-based solutions – common software tools used on computers do not extend to mobile devices, because they store more types of data through more varied means, i.e. attacks through text vs. attacks through calling vs. attacks through apps.
This is where semiconductors step in to shore up defenses. Rather than relying on software to secure smartphones, hardware devices can be used to protect the OS and users’ data. At their basic level, all computers are just a collection of chips and semiconductors storing code in memory and talking to each other to execute that code. Let’s say the code necessary to boot the OS, the OS itself, and stored data all live on one hardware chip. A hacker only has to break into that single piece of hardware to access the entire system.
On the other hand, a separate semiconductor chip can house some of that code and store some of the users’ data. One common example is storing the code needed to boot the OS on a separate semiconductor. Another example is using a separate semiconductor as secured storage for critical data, such as banking information. Now, an attack on the system must go through one or more additional hardware chips to reach sensitive data. The device now has an extra layer of security that, by its hardware nature, is much harder to breach.
In February 2020, Samsung unveiled their best-in-class semiconductor chip for security with the Common Criteria Evaluation Assurance Level (CC EAL) 5+ certified Secure Element (SE) turnkey chip (S3K250AF). This SE consists of a semiconductor chip with dedicated software that stores a users’ critical data on an isolated piece of hardware.