Here’s What You Need To Know About Samsung’s Knox

March 13, 2021 By Naveen Victor

Samsung likes to toot its own horn when it comes to mobile security. The words ‘Secured by Knox’ have emblazoned the splash screen of every Samsung smartphone in recent memory. But we know very little beyond this, or about how the security protocols tie into the Android operating system. Now, Samsung has shed some light on this topic.

The Knox platform is the result of perpetual improvement to Android’s underlying system. In the early days of the smartphone era, Android was a pretty robust OS, having inherited its building blocks from UNIX. However, over time, it became apparent that what worked for PCs may not be effective for mobile devices like smartphones.

That’s why Samsung decided to introduce extra levels of protection for critical information such as private keys and digital certificates. That’s where the idea of using Trusted Execution Environments (TEEs) in mobile devices came in. On the ARM processors inside Samsung smartphones, this takes the form of a TEE called TrustZone.

TrustZone’s goal is to isolate the software that manages sensitive data such as passwords, biometrics, and cryptographic keys. That software runs on a separate OS which co-exists alongside the Android OS. If Android wants a fingerprint checked, it has to ask a TrustZone applet to perform the check on its behalf.

This way, sensitive cryptographic and biometric data is never exposed to the Android OS or to public apps. Hypothetically, if a sophisticated form of malware wants to acquire your sensitive data, it needs to do a lot more than just breach Android’s security and execute an exploit. It also needs to compromise TrustZone at the same time.

TrustZone, working in tandem with Samsung’s other Knox platform layers such as Real-Time Kernel Protection, makes up the hardware-based device security. That said, TrustZone and Android still share the same CPU and memory, which in itself exposes a certain number of vulnerabilities. That’s where Samsung’s Knox Vault comes into play.

Like TrustZone, Knox Vault is also responsible for protecting the most critical information like PINs, passwords, biometrics, digital certificates, cryptographic keys and other sensitive information. However, its processor operates independently from the main CPU that handles the Android operating system.

This secure processor and memory work with software that shields sensitive data from the Android operating system and third-party applications. Samsung says it considered both virtual and physical intrusions when it set about creating Knox Vault. As such, hackers will have a difficult time extracting data even if they have your device in hand.

When someone tries to tamper directly with a Knox-protected Galaxy phone, the secure information in the vault can ‘self-destruct’ so that access is prevented. This layered protection system gives users some assurance that their data can be kept safe from malware and other kinds of cyber intrusions for the foreseeable future.
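To make the two ideas above concrete, the request-to-the-secure-world pattern (Android asks a TrustZone applet for a verdict and never sees the secret) and the vault’s self-destruct on tampering, here is a small constructed model in Python. It is an added illustration, not Samsung’s or Knox’s code: `SecureWorld` stands in for the applet or vault, the Android side would only ever hold a reference to it and call `verify_pin` or `sign`, and `tamper_event` is an assumed hook for whatever physical-intrusion signal the hardware provides. In a real device the boundary is enforced by the CPU or a separate processor; here it is only an API convention.

```python
import hashlib
import hmac
import os
import secrets


class VaultWipedError(Exception):
    """Raised when the rich OS calls a vault that has already self-destructed."""


class SecureWorld:
    """Stand-in for a TrustZone applet / Knox Vault (constructed model, not Samsung code).
    The secrets below never leave this object; callers only get verdicts or signatures."""

    def __init__(self, pin):
        self._salt = os.urandom(16)
        self._pin_digest = self._derive(pin)
        self._device_key = secrets.token_bytes(32)  # never handed to callers
        self._wiped = False

    def _derive(self, pin):
        # Salted, slow derivation: the PIN itself is not kept, only this digest.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def _alive(self):
        if self._wiped:
            raise VaultWipedError("vault contents destroyed")

    def verify_pin(self, candidate):
        """All the rich OS learns about the PIN is a yes/no verdict."""
        self._alive()
        return hmac.compare_digest(self._derive(candidate), self._pin_digest)

    def sign(self, candidate, message):
        """Use the device key on the caller's behalf, but only after a valid PIN."""
        if not self.verify_pin(candidate):
            return None
        return hmac.new(self._device_key, message, hashlib.sha256).digest()

    def tamper_event(self):
        """Assumed hook for a physical-intrusion signal: zeroise and stop serving."""
        self._pin_digest = b""
        self._device_key = b""
        self._wiped = True
```

Note that `sign` hands back only an HMAC tag computed inside the secure world; a caller with the wrong PIN gets `None`, and once `tamper_event` has run every call fails rather than returning stale material.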