What you need to know
- Apple's Secure Enclave was the first of its kind.
- But now Android phone makers have caught up.
- Many get the feature for free as part of the SoC they use.
Apple was the first out of the gate with a hardware security chip, in the form of the Secure Enclave, with the arrival of the iPhone 5S. But now it seems everyone has one, with most Android phone makers also boasting a similar feature.
Apple's Secure Enclave houses information that needs to remain separate from the rest of the system in order to avoid it being compromised. Touch ID, Face ID, and passcode data are just some examples.
According to a new Counterpoint Research report, most Android phone makers now have their own alternative to the Secure Enclave.
Sales of smartphones with embedded hardware security (secure smartphones) grew 39% year-on-year (YoY) in 2019, according to the latest research from Counterpoint's IoT Security Service. Systems based on a secure element accounted for 89% of shipments, while those with a PUF represented 10% of secure smartphone sales in 2019.
However, the same report also noted that both Samsung and Google approach things a little differently, although the result is still a dedicated solution.
Samsung implements a physically unclonable function (PUF) that serves as a unique identifier in the Exynos 9820 and 9825, whereas Google takes a different approach by implementing a TPM (Trusted Platform Module), a miniature version of a hardware security module (HSM) soldered into the PCBs of its Pixel series smartphones.
But while Apple's competition does now have something similar to the Secure Enclave, most of them haven't had to do any work to get it. As the report notes, most of them get the feature for free as part of the System on Chip (SoC) they happen to use, such as Qualcomm's 8xx series.
The secure element is a coprocessor within the SoC that assures tamper-resistance and is capable of securely hosting applications. From the iPhone 5s onwards, Apple has been embedding a secure enclave (eSE) provided by the Global Platform. The communication within the secure enclave and application processor is isolated, which secures data from malware attacks. Huawei also implemented an integrated secure element (inSE) on its SoCs, the HiSilicon Kirin 960, 970, 980, 990, and 710. Qualcomm has adopted the secure element as a secure processing unit (SPU) in the Snapdragon 845, 855, and 855+, which enables brands like Xiaomi, OnePlus, Oppo, Vivo, LG, Sony, Samsung, and Google to implement hardware embedded security in their premium smartphones.