Giesecke & Devrient
Mobile Security: a secure ecosystem for mobile communication
22.04.2010
Dr. Kai Grassie, SVP, CTO
Darmstadt, 13.12.2012
Contents
- G&D: Who we are
- Innovation accelerates: From connected devices to a multidimensional network of networks
- Some numbers
- Security: An economic factor and its industrial environment
- G&D: From Cards to Mobile Security
- Our answer to Mobile Security
- More to come: Relevance of Security for other industries
G&D has been growing through continuous innovation
Business areas built up from 1852 to 2012: server software and services; token and embedded security; cards for payment and telecommunications; government solutions; banknote processing; banknote and security paper; banknote and security printing.
Global leader in secure solutions
The strategic cornerstones of our success
- Banknote solutions
- Government solutions
- Mobile security
- Trusted brand
- Innovativeness
- Global presence
Connectivity enables convergence of devices and applications and creates a seamless environment for the user
[Figure: settings at work (productivity), at home (entertainment), at hotspots and on the move; link technologies shown: UWB, Ethernet, 802.11, cellular, NFC, BT, DWB, mobile]
Some trends
Technological trends: connected systems, converging technologies, mobile > desktop, open source technologies, distributed systems, real time, location based, universal devices, high bandwidth, processing power, miniaturization.
Impact in society: social networks, digital identities, BYOD, always online, shopping, entertainment, reading, information sharing/gathering, publishing, manufacturing.
Change of paradigm: From connected devices towards a multidimensional network of networks
[Figure: (mobile) consumer devices and clients connected to several clouds (Cloud 1, Cloud 2, Cloud 3, ...)]
Our entire industrial, governmental and social processes depend on it.
Business motivation: Mobile communication
The numbers are stunning!
Smartphones and tablets are extremely appealing due to better affordability and lower tariffs
- Smartphone share will grow to 75% within the next 5 years; in 2013 1.2b devices will be sold
- More smartphones sold than PCs by 2014, at prices down to $100 (Gartner)
- Used like never before for web, mail, banking, remote access
- 20% smartphones account for 80% of all data revenues
- Fast growing revenue from apps: $3.2 bn in 2010, $21 bn in 2014
- More than 500,000 apps: Apple leads, but Android is catching up
- Security concerns among online payment subscribers have increased by nearly 50%
Stunning dynamics!!!
Very appealing: Transactions with smartphones!
- US$180bn worth of transactions with NFC phones in 2017 (Juniper Research)
- 1 in 4 US and Western European mobile phone users will use their NFC-enabled mobile phone to pay for goods in store by 2017, compared with less than 2% in 2012 (Juniper Research)
- PayPal handles US$3bn in mobile payments per year (about 10 million a day)
- Mobile payment volume in 2012: US$171bn, in 2016: US$617bn (Gartner)
- 1bn Facebook accounts, 60% are mobile users
But: Security threats are becoming critical. ICT trends create new security challenges.
Smartphones and tablets are of high interest for cyber criminals for various reasons
- Huge growth, in particular Android: smartphones will outnumber PCs by 2013 and will be the most common device for accessing the Internet (Gartner predictions 2011)
- The way they are used: web, email, banking, shopping; remote access for a growing mobile workforce; sensitive data on the device (contacts, emails, docs, credentials, ...); BYOD (Bring Your Own Device) brings new challenges
- Easy app distribution via stores: up to 30k new apps per month, a lot of them free of charge, app downloads per day in the millions; Google's open model is less restrictive than Apple's
- Less security-aware than for PCs: 84% protected by security SW, but only 10% of smartphones (Kaspersky News, April 2011); 62% download apps without checking if they come from a trusted source (Ponemon, March 2011); just 32% believe information stored or transmitted by their mobile phone is secure (Oracle 2011)
A vicious cycle: Mobile malware is spreading fast while more apps are being used
- Mobile malware is increasing strongly; more than 85% of affected devices are Android based. [Chart: new mobile malware in 1Q/2012 vs. 2Q/2012, +700%] Source: McAfee Threats Report, Second Quarter 2012
- 5x more minutes are spent using apps than using the mobile web. Source: Nielsen Smartphone Analytics / G&D Analysis, 2012
Will the PC experience repeat itself in the mobile world?
Man-in-the-middle attacks, DNS spoofing, hijacking, rerouting, password sniffers, pharming, phishing
When mobile apps are the target
Sophisticated attacks can outwit authentication mechanisms: username / password, PKI, OTP device, mobile as authentication device. [Figure: device, internet, server]
The application / the browser is the new target:
- Malware infects the browser/app (exploiting default interfaces)
- After the authentication the malware takes control of the browser and performs its own operations in the name of the legitimate user
- The malware displays to the user what he expects to see, not what is really happening
Security is a key industry, but the German industry has to act fast
Trend: Convergence of daily life security-based applications
[Figure: Pay, Communicate and Identify converge]
Many opportunities for G&D
[Figure: secure device and Trusted Service Management at the centre; surrounding segments: Retail, Trademark Protection, Enterprise, Smart Home, Telematics, Automotive, Content, Government, Health, Cloud, MNOs, Banks, Transport; cards for payment and telecom for MNOs and banks]
What answers does the industry offer?
Embedded SE, removable SE, SIM-based SE, TrustZone & MobiCore (SE = Secure Element)
TEE: the glue between hardware and applications
[Figure: applications (Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services) on top of MobiCore and G&D Trusted Service Management]
What problems do we need to solve with a TEE?
- Isolation of critical code: a reduced security perimeter implies less effort to achieve higher security with greater stability.
- Need for hardware-level protection: hacking has become a very profitable business; the cost to hack a system needs to be greater than its potential benefit.
- Fragmentation, compatibility and economies of scale: custom hardware around the CPU to create a secure-world partition means higher costs and slower adoption.
- Secure peripherals: integration of security-relevant peripherals such as secure keypad, display and I/O into the security environment.
- Complement the smart card or TPMs: processing power, throughput, cost, user interface.
- Debug: the application development environment and debugging open many vulnerable windows.
MobiCore is a Trusted Execution Environment designed to run on ARM TrustZone enabled System on Chips
- MobiCore OS offers a Trusted Execution Environment (TEE) on the application processor
- The TEE is integrated via the secure boot process
- Secure services called Trustlets can run on the TEE, which is isolated from the Rich OS (e.g. Android)
- Multiple Trustlets can run in parallel and independently from each other in a secure mode
- Trustlets can be provisioned and managed Over The Air (OTA) via the MobiCore Trusted Service Manager
- Applications downloaded from e.g. Google Play (Market) provide the user interaction interface
Five key features for higher mobile device security and tighter control
- Secure Runtime Environment: secure environment for apps & services
- Secure I/O: secure keypad & secure display
- Secure Storage: secure storage of PIN & user credentials
- OTA Management: OTA management of apps & credentials
- Secure End Point: secure identification of users & devices
Together these give security control.
A preventive security solution, protecting against most currently known cyber attacks
[Figure: mobile device processor, without and with MobiCore. Normal World: Rich OS with apps (App 1, App 2, ..., App n), Trustlet Connector (TLV), TEE driver kernel module. Secure World: ARM TrustZone with MobiCore: trustlets, MobiCore OS (Trusted Execution Environment, runtime management, crypto driver, keypad driver, etc.), G&D microkernel. Hardware peripherals: UI (display, keypad, touch, etc.), data connections (WLAN, Bluetooth, infrared), microphone, speaker, camera; SIM and eSE / SD card (embedded processor & storage)]
MobiCore secures applications in three steps
1. Isolation of security-relevant functions of applications in MobiCore trustlets
2. Access to secured space on the TEE
3. OTA deployment and lifecycle management of MobiCore trustlets
[Figure: normal world (Rich OS apps, Trustlet Connector (TLV), TEE driver kernel module) and secure world (ARM TrustZone with MobiCore: trustlets, MobiCore OS, G&D microkernel) architecture diagram]
Applications can be secured with Trustlets, covering security-relevant functionalities
- Security-relevant application functions need to be isolated into a trustlet
- Trustlets can then be processed in ARM TrustZone
- The trustlet is connected via a Trustlet Connector
[Figure: normal world (Rich OS apps, Trustlet Connector (TLV), TEE driver kernel module) and secure world (ARM TrustZone with MobiCore: trustlets, MobiCore OS, G&D microkernel) architecture diagram]
To utilize trustlets within the TrustZone, a secure runtime needs to be set up
[Figure: Normal World: regular normal world applications (App 1, App 2, ..., App n) on the regular, unsecure OS (Android) with Trustlet Connector (TLV) and TEE driver kernel module. Secure World: secured parts of normal world applications (trustlets) on the secure OS MobiCore (Trusted Execution Environment, runtime management, crypto driver, G&D microkernel, keypad driver, etc.)]
The Trusted Service Manager (TSM) deploys and manages all trustlets and secured applications OTA
[Figure: service providers' data flows through the Trusted Service Manager and OTA to the devices]
1. A neutral and established security enabler in the finance and telecommunications industries.
2. Hosted service based on a TSM centre offering the highest security and service levels.
3. Personalized OTA access and lifecycle management for data and operations to an unlimited number of devices.
Mobile devices are TEE-enabled during production and activated OTA in the field
[Figure: OEM device factory (device binding during production; key and device identity sent to the back end; control handed over to the SM), Back-End and Service Enabler, Trusted Service Manager (delivery of trustlets from service providers), App Store (delivery of regular apps); the user enjoys the comfort of secured applications]
Advantages for eco-system players (MobiCore advantages)
- Support of an open, app-based environment: the TEE takes main application processor security seriously by securing hardware access instead of securing only software
- End-user friendly security: the end user determines security activation of apps; trustlets do not impact performance or ease of use
- Cost efficiency for service providers: the TEE is activated based on the end user's need for secured applications; the TEE business model is based on pay per usage
- OTA content management: the TEE and its secure features can be actively managed over the air (OTA) by a TSM during the device lifecycle
- Service provider neutral and agnostic: the TEE offers a dedicated and isolated secure runtime for service providers, enabling diverse secure services
Enablement of secured services for various industry segments
[Figure: Service Provider Platforms & Services (TEE access management, web frontend, personalization, service management; Service Management Framework / SP Provisioning Agent; Trusted Service Manager; web access). MobiCore Trusted Services (service management framework, embedded software). Secure applications / solutions: Mobile Money (credit, debit, wallet, ecash, ...), Mobile Enterprise (mail, office, network, ERP, ...), Mobile Authentication (endpoint, ID, signature, ...), Mobile Ticketing (transport, events, ...), Mobile Loyalty (membership, retail, coupons, ...). TEE components: mobile authentication trustlets, secure OS, secure chip; service provider device interface]
To manage the complexity of the eco-system, the TEE business logic needs to be transparent for all stakeholders
MobiCore eco-system roles:
- Back End (BE): stores device-specific authentication keys
- Service Enabler (SE): unlocks the MobiCore container for use by the TSM (selling keys)
- TSM: provides key management services and acquires access keys
- OEMs: produce devices and serialize them with MobiCore
- SiPs: incorporate MobiCore into chipsets
- ARM: provides the hardware architecture with TEE (TrustZone) to SiPs
- MNOs: distribute MobiCore-enabled devices
- SPs: develop / provide apps and authorize device-specific container activation via apps
- Application Market: receives the end user's request for application download to the device
- End User: ultimately generates value by using secure apps
[Figure: management eco-system (BE, SE, TSM) with MC keys; hardware enablers (ARM, SiP) supporting MobiCore technology and TrustZone; distribution channel (OEM, MNO / SP, app market) delivering devices]
A large range of use cases, but not limited to the following four categories: Financial Services, Enterprise Security, Device Security, Content Distribution
- Secure keypad for PIN-entry based authentication
- Protection of mobile banking processes, e.g. peer-2-peer money transfers
- Enable mobile point of sale (POS)
- Secure m-banking
- Identity management (single sign-on, physical access)
- Mobile VPN
- Remote device management (lock down, SW upgrades)
- Smart metering
- BYOD
- Strong user authentication
- Root management
- Support of a second (corporate) identity on the phone (based on secure PIN, secured VPN, etc.)
- Automotive: car key, onboard electronic security
- Controlled access to content, e.g. handling and management of keys and licenses, decoding of encrypted content
- Protection of premium content
- Secure m-commerce
- Mobile ticketing system
MobiCore protected Mobile Point of Sale (MPOS). Use case example!
I. Merchant starts the app to accept payments
II. Merchant types in the price and description
III. Customer taps credit / debit card (via NFC)
IV. Merchant gets confirmation of the transaction
MobiCore secures: (1) the merchant credentials (secure authentication and secure storage); (2) the amount of the payment (secure touch & display); (3) the payment data from the card (secure NFC); (4) the interaction with the gateway (secure end point)
Combining hardware and software security
[Figure: applications: Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services]
(Mobile) security is an enabler for the connected world
ICT (in Germany): 90 bln EUR gross value. IT security (in Germany): ~5 bln EUR gross value.
[Figure: security underpins smart grid, in-car internet, car 2 car / car 2 X, e-grid, cyber production, M2M, cloud computing, Internet of things, ...]
Conclusion
- With the progress of services connected to devices, security will become increasingly important
- (Mobile) security is an enabler of scaling in the ICT industry
- Mobile security is a complex challenge and requires cross-industry cooperation
- Europe/Germany is still leading in IP, but more activity is needed to stay ahead
- New business models will emerge
Thank You.
Live Cartes 2012 demo: MobiCore Secure Banking App. Use case example!
- Android UI to input non-critical data: can be intercepted by malware
- MobiCore for secure PIN input: a pre-defined personal identification code indicates that the input is protected
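The split that the MPOS and secure banking slides describe, modelled end to end as an added example (not G&D or MobiCore code): the Rich OS app collects the non-critical data, the trustlet shows the pre-defined personal code and the real amount on the secure display, takes the PIN over the secure keypad and MACs the transaction with a device-bound key that the gateway knows from device binding. Class and function names, the transaction format, the personal code and the key material are all constructed for this illustration; the tamper hook models the malware of the "application is the new target" slide, which alters data in the Rich OS after the user has typed it.

```python
import hashlib
import hmac
import json

class Trustlet:
    """Secure-world side (the trustlet of the slides): device-bound key, PIN hash
    and pre-defined personal code live in secure storage, unreachable from the Rich OS."""

    def __init__(self, device_key, pin, personal_code):
        self._device_key = device_key          # constructed key; bound at production
        self._pin_hash = hashlib.sha256(pin.encode()).digest()
        self._personal_code = personal_code

    def authorize(self, txn, user):
        # Secure display: the personal code shows the prompt comes from the TEE, and
        # the amount displayed is exactly the one that will be signed.
        prompt = f"[{self._personal_code}] {txn['amount']} EUR to {txn['payee']}"
        pin = user.secure_keypad(prompt)       # secure keypad; None means refused
        if pin is None or not hmac.compare_digest(
                hashlib.sha256(pin.encode()).digest(), self._pin_hash):
            return None
        msg = json.dumps(txn, sort_keys=True).encode()
        return hmac.new(self._device_key, msg, hashlib.sha256).hexdigest()

class User:
    """Types the PIN only if the secure display shows the personal code and the intended amount."""

    def __init__(self, pin, personal_code, intended_amount):
        self.pin, self.code, self.intended = pin, personal_code, intended_amount

    def secure_keypad(self, prompt):
        ok = prompt.startswith(f"[{self.code}]") and f" {self.intended} EUR " in prompt
        return self.pin if ok else None

def rich_os_pay(trustlet, user, amount, payee, tamper=None):
    """Normal-world app: gathers non-critical data; `tamper` models Rich OS malware."""
    txn = {"amount": amount, "payee": payee, "nonce": "demo-0001"}
    if tamper is not None:
        txn = tamper(txn)                      # altered before crossing the connector
    return txn, trustlet.authorize(txn, user)

def gateway_verify(device_key, txn, mac):
    """Secure end point: back end checks the MAC with the key registered for this device."""
    if mac is None:
        return False
    msg = json.dumps(txn, sort_keys=True).encode()
    expected = hmac.new(device_key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)

def demo():
    """Honest 10 EUR payment, then the same payment with malware inflating the amount."""
    key = b"constructed-device-key"
    tl = Trustlet(key, pin="4711", personal_code="BLUE-OWL")
    alice = User(pin="4711", personal_code="BLUE-OWL", intended_amount=10)
    honest = gateway_verify(key, *rich_os_pay(tl, alice, 10, "Cafe"))
    inflate = lambda t: {**t, "amount": 1000}
    tampered = gateway_verify(key, *rich_os_pay(tl, alice, 10, "Cafe", tamper=inflate))
    return honest, tampered                    # (True, False)
```

The inflated transaction fails for two independent reasons: the user sees the wrong amount next to the personal code and refuses to enter the PIN, and even a transaction altered after signing no longer matches the MAC the gateway recomputes.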
MobiCore allows trusted execution of Rich OS apps in a user-centric, market-place-driven business
MobiCore offers:
- Protection against malware and device rooting
- Secure storage of credentials, certificates etc.
- Secure device identification and device integrity
- Secure peripherals like touch-screen or display
- Active management of smart connected devices
G&D drives market penetration via partnerships with SiPs and OEMs, and is actively involved in GlobalPlatform standardization. Currently working with SiP and OEM partners to integrate MobiCore. MobiCore is currently integrated in the Samsung Galaxy S3 and Samsung Galaxy Note, with more devices to follow soon.
ICT: a central pillar of our economy
The role of the information and communication industry in the German economy
A security infrastructure
The value chain changes
- Smartphones with TEE: Processor IP (ARM) > Security Provider > Silicon Provider (SiP) > Device Manufacturer (OEM/ODM) > Device Vendor (e.g. MNO) > Trusted Service Manager > Service Provider > End User (handset)
- Today's smartphones: Processor IP (ARM) > Silicon Provider (SiP) > Device Manufacturer (OEM/ODM) > Device Vendor (e.g. MNO) > App Provider > End User (handset)
- Unlabelled chain: Processor IP (ARM) > Silicon Provider (SiP) > Device Manufacturer (OEM/ODM) > Device Vendor (e.g. MNO) > End User (handset)
G&D offers an Authentication Platform
[Figure: users / devices (device component, different authentication methods / approaches) connect via Internet / WAN/LAN to service providers (server component, authentication); OTA management service provided by the TSM]
Different applications demand different levels of security
- Highest security demand in the public & financial sector
- Additional security elements required for high-level security
[Chart, security level from high to low: eHealth, 3rd party portal, government services, ID management, m-payment, m-banking; secure FOTA, license management, OTP, online gaming, online gambling, secure debugging, mobile TV; MobiCore and additional Secure Element; m-advertising, LBS, loyalty, navigation, news flash, email encryption, MP3, video, viral distribution, logical access control, personal content protection, social networking (Facebook, MySpace, Xing), ticketing]
Source: articles, customer interviews, internet, partner interviews
TEE: a way to more security in mobile devices?