Thursday , April 22 2021

Google introduces new Keystore features to protect user data

A recent blog post from Google comes as Android's new Keystore feature keeps your Pieces slice safer.

Some of them relate to the Google Titan M security chip installed on Pixel 3 devices, while other Keystore parts are OS-based. In other words, some of the new Keystore features help someone who uses Android 9.0 Pie.

Keystore provides application developers with a set of cryptographic tools designed to provide user data. One of Keystore's advantages is that the tools available on the Android operating system are transferred to a secure hardware device. It adds extra security, because apps can only use these cryptographic keys in secure hardware, protecting them from various attacks.

One of the latest Keystore features introduced with Android Pie is the Keylogger.

Mobile applications often receive data but do not need immediate access. These data must be secure until the user has access to it. There is a key lock on this place.

Applications can not use these keys to decrypt or sign it when the screen is locked. However, when the user disconnects the device, the keystroke associated keys become available for use.

As long as the keystroke binder works similarly to another security tool, linking authentication is an important difference. The key button is linked directly to the screen lock state, but there is a permanent timeout for tying the authentication.

It is also worth noting that the keystrokes are linked at the OS level, since secure hardware chips do not know when the screen is locked. However, using the keystroke linking with hardware authentication linking creates a safer environment for storing important cryptographic data. In addition, any Android Pie device can access a keystroke that is an OS-level feature.

Secure key import

Another new feature lets your devices safely import keys. Mainly a source of origin, such as a remote server, data center, or other cloud-based memory system, can use the public wrapper key to encrypt security keys. This public wrapping key comes from a user device and this device is the only one that can decrypt it.

In addition, the wrapper keeps its contents while moving and from the operating system, meaning that only the secure hardware can see the wrapping key.

An example application in which it is used is Google Pay, which provides some 3 pixels keys to prevent interception.

In general, these security features add a number of additional levels of protection to valuable information that is sent and received on your phone. To improve security, Google has done a lot with the Pixel 3 and Titan M chips.

Source: Google

Source link