New USB C authentication program could protect you against rogue devices (or unleash a nightmareish walled garden approach to accessories)

Standards. If only they were standard.

When USB C first arrived on the market the new standard brought the promise of reversible connectors, interoperable accessories, faster charging and a whole host of other benefits. Unfortunately, the standard didn’t actually include a technology to enforce itself and as such we’ve seen a host of non-compliant USB C accessories on the market. Some of these can pose a significant risk to your devices.

That’s all changing today with the USB-IF standards body launching a new USB C Authentication Program. This will allow OEMs to include a security check in their hardware to ensure/ enforce compliance with the standard.

The new authentication solution includes:

• A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources
• Support for authenticating over either USB data bus or USB Power Delivery communications channels
• Products that use the authentication protocol retain control over the security policies to be implemented and enforced
• Relies on 128-bit security for all cryptographic methods
• Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation

This sounds like a good thing, doesn’t it?

Well yes. It is good that USB C devices will be able to ‘talk’ with the chargers, cables and accessories that are plugged into them and ensure that they are all compliant. However, I have a bit of an issue with what OEMs can do beyond this. An OEM could – quite easily – restrict their devices to using first-party chargers only, or approved third-party accessories.

Sounds exactly like Apple’s MFI program, which drove up the cost of accessories. Speaking of Apple, you can only imagine with that precedent, they’d be among the first to restrict USB C accessories on their iPads, Macbooks and other USB C devices.

I hope that the majority of Android and Windows OEMs won’t engage in such user-hostile practices, and will instead just plan on working with ANY accessory that gains certification under the new Authentication Program.

Could it go the other way?

The other side of this to consider is if the industry does fractures between priority and general certification I can foresee a time when an accessory that is ‘certified’ for say Apple won’t also be certified to the general standard, and as such won’t work with any other USB C device.

Sound like hell and a massive step backward? Yep, it does to me too.

It’s a bit early to get all doom and gloom, the new program isn’t even 24 hours old as yet. However, if the past 10 years of consumer tech trends have shown us anything it’s that if companies can disadvantage consumers and lock them even more into an ecosystem that they control, and more importantly monetise, they will.

They’ll pretend it’s all to ‘protect’ the consumer.

Are you excited or dismayed at the specifics of the new USB C program?