At their event last week, Google made a fair to-do about their new Titan security chip, outlining some of the features on-stage in New York. Today they’ve expanded on what the Titan M chip actually is, and what it can do for security on your phone.
Google describes the Titan M chip in the Pixel 3 as an ‘enterprise-grade security chip’ which was custom built for Pixel 3, building on their Titan security Chip used in Google Data Centres to protect your data in the cloud.
Google uses the Titan M chip in their ‘Verified Boot’, a secure boot process that Google first started playing with in Android 4.4, but implemented as Android Verified Boot last year in Android Oreo. The Verified Boot process they say protects Android from outside tampering.
The Titan M chip is also used to verify your lock screen passcode with limits set on logon attempts, as well as preventing access to the secured encrypted flash storage on your phone, with decryption of your data only allowed after the chip successfully verifies your passcode.
The chip isn’t just for Google though, with the Titan M chip able to ‘protect third-party apps and secure sensitive transactions’ thanks to the new StrongBox KeyStore APIs in Android 9.
Google says that the chip itself is secure from external interference as well, with the chip only able to receive firmware updates once you’ve successfully entered your passcode (fingerprint scan etc.).
Google is going all in on their ‘Titan’ security branding, with their cloud storage, this new on-board chip in the Pixel 3 and of course their Titan security keys for desktop PCs which went on-sale in the US in August (Sorry, no word on local release here).
Interesting. I wonder when we we will get the Titan keys here? I use a Yubikey at the moment and it works well.