Google’s second-generation Pixel devices may be facing some scrutiny from several different angles right now but for enterprise use, it appears those devices are still at the top of their game. That’s thanks to a dedicated security module, built right into the hardware, which was recently highlighted in a post on Google’s official blog. The company says the tamper-resistant chipset is designed to reinforce the lock screen and the associated Trusted Execution Environment (TEE) security measures by protecting against attacks on both the hardware and software side. The TEE, for those who may not know, is the security protecting against brute force entry by limiting the number of guesses that can be made on the lock screen before the phone is either locked down or wiped – depending on the individual manufacturer or device model.
Google’s secure chip accomplishes that by existing as a separate component from the TEE, operating system, and the SoC. It also has its own, self-contained flash, RAM, processing unit, and associated resources, which Google says allows it to execute its own processes separately, hardening it against software-based attacks. Along those same lines, that separation of code execution provides for features that make it resilient to fault injection techniques including overclocking or underclocking and temperature or voltage tampering. It accomplishes that by scanning for side-channel attacks with power and timing analysis, as well as electromagnetic sniffing. Beyond that, password verification happens on the secure chip itself, rather than on the system chip. That means any attempt to obtain the disk encryption key will require that password, regardless of how much the system-level chip has been compromised. It also presents a small surface for attacks, to begin with since the secure chip performs such a small number of functions. Google claims that not even the search giant could update that passcode verification to a weaker version without knowing the passcode first. Finally, the hardware itself is said to be resistant to physical penetration.
Meanwhile, none of the issues the Pixel 2 or Pixel 2 XL have been experiencing should be deal-breakers from an enterprise use perspective. So the news that the device features dedicated hardened security technology should be reasonably appealing to anybody looking to update the handsets used within a business in that portion of the market.