Here’s What You Need To Know About Samsung’s Knox
March 13, 2021Samsung likes to toot its own horn when it comes to mobile security. The words ‘Secured by Knox” have emblazoned the splash screen of every smartphone in recent memory. But we know very little beyond this and how the security protocols tie in to the Android operating system. Now, Samsung has shed some light on this topic.
The Knox platform is the result of the perpetual improvement to Android’s underlying system. In the early days of the smartphone era, Android was a pretty robust OS having inherited the building blocks from UNIX. However, over time, it became apparent that what worked for PCs may not be effective for mobile devices like smartphones.
That’s why Samsung decided to introduce extra protection levels to critical information such as private keys and digital certificates. That’s where the idea of using Trusted Execution Environments (TEEs) in mobile devices came in. This works within the ARM processors of Samsung smartphones TEE-based productions called TrustZone.
TrustZone’s goal is to isolate software that manages sensitive data such as passwords, biometrics, and cryptographic keys. The system runs on a different OS, which co-exists along side the Android OS. If Android wants a fingerprint checked, it has to request said data from a TrustZone applet, that works on its behalf.
This way, sensitive cryptographic and biometric data is never exposed to the Android OS or public apps. Hypothetically, if a sophisticated form of malware wants to acquire your sensitive data, it needs to do a lot more than just breach Android’s security and execute an exploit. It also needs to simultaneously compromise TrustZone too.
TrustZone, working in tandem with Samsung’s other Knox platform layers such as Real-Time Kernel Protection make up the hardware-based device security. That said, TrustZone and Android still use the same CPU and memory, which in itself exposes a certain number of vulnerabilities. That’s where Samsung’s Knox Vault comes in to play.
Like TrustZone, Knox Vault is also responsible for protecting the most critical information like PINs, passwords, biometrics, digital certificates, cryptographic keys and other sensitive information. However, its processor operates independently from the main CPU that handles the Android operating system.
This secure processor and memory work with the software that shields sensitive data from the Android operating system and third party applications. Samsung says it considered both virtual and physical intrusions when it went about creating Knox Vault. As such, hackers will have a difficult time extracting data even if they have your device.
When someone tries to tamper with a Knox protected Galaxy phone directly, the secure information in the vault can ‘self-destruct’ so that access is prevented. This layered protection system provides users with some assurance that their data can be kept safe from malware and other kinds of cyber intrusions for the foreseeable future.