SPRIDE Darmstadt

Giesecke & Devrient

Mobile Security: a secure ecosystem for mobile communication (22.04.2010)

Dr. Kai Grassie, SVP, CTO, Darmstadt, 13.12.2012

Contents

• G&D: Who we are
• Innovation accelerates: From connected devices to a multidimensional network of networks
• Some numbers…
• Security: An economic factor and its industrial environment
• G&D: From Cards to Mobile Security
• Our answer to Mobile Security
• More to come: Relevance of Security for other industries

G&D has been growing through continuous innovation: global leader in secure solutions (1852 to 2012)

• Server software and services
• Token and embedded security
• Cards for payment and telecommunications
• Government solutions
• Banknote processing
• Banknote and security paper
• Banknote and security printing

The strategic cornerstones of our success

• Banknote solutions
• Trusted brand
• Government solutions
• Innovativeness
• Mobile security

Global presence

Connectivity enables convergence of devices and applications… at work, at home, on the move … and creates a seamless environment for the user

[Diagram: productivity, entertainment and mobile use connected via UWB, Ethernet, 802.11 (including hotspots), cellular, NFC and BT]

Some trends…

Technological trends: connected systems, converging technologies, mobile > desktop, open source technologies, distributed systems, real time, location based, universal devices, high bandwidth, processing power, miniaturization

Impact in society: social networks, digital identities, BYOD, always online, shopping, entertainment, reading, information sharing/gathering, publishing, manufacturing

Change of paradigm: from connected devices … towards a multidimensional network of networks

[Diagram: (mobile) consumer devices and clients connected to multiple clouds (Cloud 1, Cloud 2, Cloud 3)]

… our entire industrial, governmental and social processes depend on it…

Business motivation: Mobile communication

The numbers are stunning!


Smartphones and tablets are extremely appealing due to better affordability and lower tariffs

• More smartphones sold than PCs by 2014, at prices down to $100 (Gartner)
• Smartphone share will grow to 75% within the next 5 years; in 2013, 1.2bn devices will be sold
• 20% smartphones account for 80% of all data revenues
• Used like never before for web, mail, banking, remote access
• More than 500,000 apps: Apple leads but Android is catching up
• Fast growing revenue from apps: $3.2bn in 2010, $21bn in 2014
• Security concerns among online payment subscribers have increased by nearly 50%

Stunning dynamics!!!

Very appealing: transactions with smartphones!

• US$180bn worth of transactions with NFC phones in 2017 (Juniper Research)
• 1 in 4 US and Western European mobile phone users will use their NFC-enabled mobile phone to pay for goods in-store by 2017, compared with less than 2% in 2012 (Juniper Research)
• PayPal handles US$3bn in mobile payments per year (about 10 million a day)
• Mobile payment volume in 2012: US$171bn; in 2016: US$617bn (Gartner)
• 1bn Facebook accounts, 60% are mobile users

But: Security threats are becoming critical

ICT trends create new security challenges


Smartphones and tablets are of high interest for cyber criminals for various reasons

Huge growth, in particular Android: "Smartphones will outnumber PCs by 2013. Will be the most common device for accessing the Internet." (Gartner predictions 2011)

The way they are used:
• Web, email, banking, shopping, …
• Remote access for the growing mobile workforce
• Sensitive data on the device (contacts, emails, docs, credentials, …)
• BYOD (Bring Your Own Device) brings new challenges

Less security-aware than for PCs:
• "62% download apps without checking if from trusted source." (Ponemon, March 2011)
• "Just 32% believe information stored or transmitted by their mobile phone is secure" (Oracle 2011)
• 84% protected by security software, but only 10% of smartphones (Kaspersky News, April 2011)

Easy app distribution via stores:
• Up to 30k new apps per month
• A lot free of charge
• App downloads per day in the millions
• Google's open model is less restrictive than Apple's

A vicious cycle: mobile malware is spreading fast … while more apps are being used

• Mobile malware is increasing strongly: new mobile malware in 2Q/2012 vs. 1Q/2012: +700%; more than 85% of affected devices are Android based
• 5x more minutes are spent using apps than using the mobile web

Sources: Nielsen Smartphone Analytics / G&D Analysis, 2012; McAfee Threats Report, Second Quarter 2012

Will the PC experience repeat itself in the mobile world? Man-in-the-middle attacks, hijacking, rerouting, DNS spoofing, password sniffers, pharming, phishing

When mobile apps are the target: sophisticated attacks can outwit authentication mechanisms (username / password, PKI device, OTP device, mobile as authentication device) between the user and the server over the internet

• The application / the browser is the new target: malware infects the browser/app (exploiting default interfaces)
• After the authentication the malware takes control of the browser and performs its own operations in the name of the legitimate user
• The malware displays to the user what he expects to see, not what is really happening

“Security” is a key industry – but the German industry has to act fast…


Trend: convergence of daily-life security-based applications: Pay, Communicate, Identify

Many opportunities for G&D…

[Diagram: from cards for payment and telecom (MNOs, banks) via the secure device and Trusted Service Management to new segments: retail, trademark protection, enterprise, smart home, telematics, automotive, content, government, health, cloud, banks, transport]

What answers does the industry offer? Embedded SE, removable SE, SIM-based SE, TrustZone & MobiCore (SE = Secure Element)

TEE: the glue between hardware and applications

[Diagram: applications (Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services) on top of G&D Trusted Service Management and MobiCore®]

What problems do we need to solve with a TEE?

• Isolation of critical code: a reduced security perimeter means less effort to achieve higher security with greater stability.
• Need for hardware-level protection: hacking has become a very profitable business; the cost of hacking a system needs to be greater than its potential benefit.
• Fragmentation, compatibility and economies of scale: custom hardware around the CPU to create a secure-world partition means higher costs and slower adoption.
• Secure peripherals: integration of security-relevant peripherals such as secure keypad, display and I/O into the security environment.
• Complement the smart card or TPM: processing power, throughput, cost, user interface.
• Debug: the application development environment and debugging open many vulnerable windows.

MobiCore® is a Trusted Execution Environment designed to run on ARM TrustZone® enabled Systems on Chip

• MobiCore OS offers a Trusted Execution Environment (TEE) on the application processor
• The TEE is integrated via the secure boot process
• Secure services called Trustlets run on the TEE, which is isolated from the Rich OS (e.g. Android)
• Multiple Trustlets can run in parallel and independently of each other in a secure mode
• Trustlets can be provisioned and managed Over The Air (OTA) via the MobiCore Trusted Service Manager
• Applications downloaded from e.g. Google Play (Market) provide the user interaction interface

Five key features for higher mobile device security and tighter control

• Secure Runtime Environment: secure environment for apps & services
• Secure I/O: secure keypad & secure display
• Secure Storage: secure storage of PIN & user credentials
• OTA Management: OTA management of apps & credentials
• Secure End Point: secure identification of users & devices

[Diagram axes: Security, Control]

A preventive security solution, protecting against most currently known cyber attacks

[Diagram: mobile device processor with ARM® TrustZone® and MobiCore®, shown without and with MobiCore. Normal World: Rich OS with Apps (App 1, App 2, … App n), Trustlet Connectors (TLV) and the TEE driver kernel module. Secure World: MobiCore OS (Trusted Execution Environment) with Trustlets, runtime management, crypto driver, keypad driver etc. on the G&D microkernel. Hardware peripherals (UI) like display, keypad, touch etc.; data connections like WLAN, Bluetooth, Infrared; microphone, speaker, camera etc.; SIM; embedded processor & storage (eSE / SD card)]

MobiCore secures applications in three steps

1. Isolation of the security-relevant functions of applications in MobiCore trustlets, with access to secured space on the TEE. Applications can be secured with trustlets covering the security-relevant functionality: the security-relevant application functions need to be isolated into a trustlet.
2. The trustlet is connected to the application via a Trustlet Connector.
3. Trustlets can then be processed in ARM TrustZone: to utilize trustlets within the TrustZone, a secure runtime needs to be set up. Regular "normal world" applications run on the regular, unsecured OS (Android); the secured parts of "normal world" applications run as trustlets in the secure world.

OTA deployment and lifecycle management of MobiCore trustlets

[Diagram (repeated for each step): mobile device processor with ARM® TrustZone® and MobiCore®; Normal World with Rich OS, Apps (App 1 … App n), Trustlet Connectors (TLV) and the TEE driver kernel module; Secure World with MobiCore OS (Trusted Execution Environment), Trustlets, runtime management, crypto driver, keypad driver etc. on the G&D microkernel]

The Trusted Service Manager (TSM) deploys and manages all trustlets and secured applications OTA

[Diagram: service providers send data OTA via the Trusted Service Manager to the Secure OS MobiCore]

Trusted Service Manager:
• Hosted service based on an established security centre offering the highest security and service levels.
• A neutral TSM and enabler in the finance and telecommunications industries.
• Personalized OTA access and lifecycle management for data and operations for an unlimited number of devices.

Mobile devices are TEE-enabled during production and activated OTA in the field

[Diagram: the OEM device factory performs device binding during production and passes key and device identity to the back-end and service enabler; control is handed over to the Trusted Service Manager, which delivers trustlets on behalf of service providers; the app store delivers "regular" apps; the user enjoys the comfort of secured applications]

Advantages for ecosystem players (MobiCore advantages)

• Support of an open app-based environment: the TEE takes main application processor security seriously by securing hardware access instead of securing only software
• End-user-friendly security: the end user determines security activation of apps; trustlets do not impact performance or ease of use
• Cost efficiency for service providers: the TEE is activated based on end-user need for secured applications; the TEE business model is based on "pay per usage"
• OTA content management: the TEE and its secure features can be actively managed over the air (OTA) by a TSM during the device lifecycle
• Service provider neutral and agnostic: the TEE offers a dedicated and isolated secure runtime for service providers, enabling diverse secure services

Enablement of secured services for various industry segments

[Diagram: Service Provider, Trusted Service Manager (web frontend; platforms & services: TEE access management, personalization, service management; Service Management Framework (SP provisioning agent)), Service Provider Device Interface, and embedded software on the device (TEE components: secure OS, secure chip)]

• Mobile Money: credit, debit, wallet, eCash, …
• Mobile Enterprise: mail, office, network, ERP, …
• Mobile Authentication: endpoint, ID, signature, …
• Mobile Ticketing: transport, events, …
• Mobile Loyalty: membership, retail, coupons, …

Components: web access, MobiCore trusted services, service management framework, mobile authentication, trustlets, secure applications / solutions, service provider device interface

To manage the complexity of the ecosystem, the TEE business logic needs to be transparent for all stakeholders

MobiCore ecosystem roles:
• ARM: provides the hardware architecture with TEE (TrustZone) to SiPs (HW / MobiCore technology enabler)
• SiPs: incorporate MobiCore into chipsets
• OEMs: produce devices and serialize them with MobiCore
• Back end (BE): stores device-specific authentication keys (MC keys)
• Service enabler (SE): unlocks the MobiCore container for use by the TSM (selling keys)
• TSM: provides key management services and acquires access keys
• MNOs: distribute MobiCore-enabled devices (distribution channel, support)
• SPs: develop / provide apps and authorize device-specific container activation via the app developer
• Application market: receives the request from the end user for application download to the device
• End user: ultimately generates value by using secure apps

A large range of use cases, but not limited to the following four categories

Financial Services
• Secure keypad for PIN-entry-based authentication
• Protection of mobile banking processes, e.g. peer-2-peer money transfers
• Enable mobile point of sale ('POS')
• Secure m-banking
• …

Enterprise Security
• Identity management (single sign-on, physical access)
• Mobile VPN
• Remote device management (lock down, SW upgrades)
• Smart metering
• BYOD
• …

Device Security
• Strong user authentication
• Root management
• Support of a second (corporate) identity on the phone (based on secure PIN, secured VPN, etc.)
• Automotive: car key, onboard electronic security
• …

Content Distribution
• Controlled access to content, e.g. handling and management of keys and licenses, decoding of encrypted content
• Protection of premium content
• Secure m-commerce
• Mobile ticketing system
• …

Use case example: MobiCore-protected Mobile Point of Sale (MPOS)

I. Merchant starts the app to accept payments: MobiCore secures the merchant credentials (1: secure authentication and secure storage)
II. Merchant types in the price and description: MobiCore secures the amount of the payment (2: secure touch & display)
III. Customer taps credit / debit card (via NFC): MobiCore secures the payment data from the card (3: secure NFC)
IV. Merchant gets confirmation of the transaction: MobiCore secures the interaction with the gateway (4: secure end point)
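The attack described earlier (malware that takes over the browser or app after authentication and shows the user what they expect while submitting something else) and the MPOS steps above (amount entered under secure touch & display, merchant credentials in secure storage, a secure end point towards the gateway) are two sides of the same design point. The following Python model is an added example and not code from G&D or MobiCore (whose programming interface does not appear on these slides): it contrasts a rich-OS-only flow with a TEE flow in which a hypothetical trustlet shows the real transaction on a secure display, takes the PIN on a secure keypad and binds the confirmed transaction to a device-specific key that the back end holds. All names (User, Trustlet, Backend, the device identifier, key, PIN and transactions) are constructed for this example, and HMAC over canonical JSON is an illustrative choice, not MobiCore's protocol.

```python
import hashlib
import hmac
import json
import os

# Constructed sample data (not real keys or accounts): a device-specific key
# provisioned at production and mirrored in the back end, as the deck describes.
DEVICE_ID = "dev-0001"
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
USER_PIN = "4711"
INTENDED_TX = {"amount": "25.00", "currency": "EUR", "payee": "merchant-42"}
TAMPERED_TX = {"amount": "2500.00", "currency": "EUR", "payee": "mule-99"}


def canonical(obj) -> bytes:
    """Deterministic encoding so trustlet and back end MAC identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class User:
    """The human: enters the PIN only if the transaction on the display is the
    one they intend (what-you-see-is-what-you-sign)."""

    def __init__(self, intended, pin):
        self.intended, self.pin = intended, pin

    def confirm(self, shown):
        return self.pin if shown == self.intended else None


class Trustlet:
    """Hypothetical model of the secure-world side (not MobiCore's API): holds
    the sealed device key and PIN and owns secure display and secure keypad."""

    def __init__(self, device_id, key, pin):
        self._device_id, self._key, self._pin = device_id, key, pin

    def authorize(self, tx, user):
        # The secure display shows the real transaction and the secure keypad
        # takes the PIN, so the rich OS sees neither.
        entered = user.confirm(tx)
        if entered is None or not hmac.compare_digest(entered, self._pin):
            return None  # declined or wrong PIN: nothing leaves the TEE
        payload = {"device_id": self._device_id, "nonce": os.urandom(8).hex(), "tx": tx}
        mac = hmac.new(self._key, canonical(payload), hashlib.sha256).hexdigest()
        return {"payload": payload, "mac": mac}


class Backend:
    """Secure end point: checks the device-bound MAC and rejects replays."""

    def __init__(self, keys):
        self._keys, self._seen = keys, set()

    def submit(self, msg):
        payload = msg["payload"]
        key = self._keys.get(payload["device_id"])
        if key is None:
            return None
        expected = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["mac"]) or payload["nonce"] in self._seen:
            return None
        self._seen.add(payload["nonce"])
        return payload["tx"]


def rich_os_only_flow(user, malware_active):
    """Without a TEE the app draws the screen and talks to the server itself, so
    malware can render the expected screen and submit something else."""
    pin = user.confirm(user.intended)  # the app shows exactly what the user expects
    if pin != USER_PIN:
        return None  # a server-side PIN check is all that protects the transaction
    return TAMPERED_TX if malware_active else user.intended


def tee_flow(user, tamper=None):
    """With a TEE the rich-OS app only forwards a request; display, PIN entry and
    signing happen in the trustlet. tamper is None, "before" or "after"."""
    trustlet = Trustlet(DEVICE_ID, DEVICE_KEY, USER_PIN)
    backend = Backend({DEVICE_ID: DEVICE_KEY})
    request = TAMPERED_TX if tamper == "before" else INTENDED_TX
    signed = trustlet.authorize(request, user)
    if signed is None:
        return None
    if tamper == "after":  # malware rewrites the signed message in transit
        signed = {"payload": {**signed["payload"], "tx": TAMPERED_TX}, "mac": signed["mac"]}
    return backend.submit(signed)


def replay_is_rejected():
    """A captured, validly signed message must not be accepted twice."""
    trustlet = Trustlet(DEVICE_ID, DEVICE_KEY, USER_PIN)
    backend = Backend({DEVICE_ID: DEVICE_KEY})
    signed = trustlet.authorize(INTENDED_TX, User(INTENDED_TX, USER_PIN))
    return backend.submit(signed) == INTENDED_TX and backend.submit(signed) is None


if __name__ == "__main__":
    honest = User(INTENDED_TX, USER_PIN)
    print("rich OS, malware:", rich_os_only_flow(honest, True))      # tampered tx accepted
    print("TEE, tamper before display:", tee_flow(honest, "before"))  # None: user declines
    print("TEE, tamper after signing:", tee_flow(honest, "after"))    # None: MAC fails
    print("TEE, honest:", tee_flow(honest))                           # intended tx
    print("replay rejected:", replay_is_rejected())                   # True
```

Running the script shows the difference the TEE makes: rich-OS malware can substitute the transaction after the user has confirmed what looked right, whereas with the trustlet in the loop it must either put its altered transaction on the trusted display (where the user declines) or alter the message after signing (where the device-bound MAC fails at the back end), and a captured message cannot be replayed because the back end tracks nonces.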


Combining hardware and software security

[Diagram: applications (Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services) built on combined hardware and software security]

… (mobile) security is an enabler for the connected world

[Diagram: IT security (in Germany): ~5 bln EUR gross value, within ICT (in Germany): 90 bln EUR gross value, enabling the Internet of Things, cloud computing, M2M, cyber production security, e-grid, car 2 car / car 2 X, in-car internet, smart grid, …]

Conclusion
• With the progress of services connected to devices, security will become increasingly important
• (Mobile) security is an enabler of scaling in the ICT industry
• Mobile security is a complex challenge and requires cross-industry cooperation
• Europe/Germany is still leading in IP, but more activity is needed to stay ahead
• New business models will emerge

Thank You.

Live Cartes 2012 demo: MobiCore: Secure Banking (use case app example)

• MobiCore for secure PIN input: pre-defined Personal Identification Codes indicate that the input is protected
• Android UI to input non-critical data: can be intercepted by malware

MobiCore® allows trusted execution of Rich OS apps in a user-centric, marketplace-driven business

MobiCore® offers:
• Protection against malware and device rooting
• Secure storage of credentials, certificates etc.
• Secure device identification and device integrity
• Secure peripherals like touch-screen or display
• Active management of smart connected devices

G&D drives market penetration via partnerships with SiPs and OEMs, and is actively involved in GlobalPlatform standardization. G&D is currently working with SiP and OEM partners to integrate MobiCore; MobiCore® is currently integrated in the Samsung Galaxy S3 and Samsung Galaxy Note, with more devices to follow soon.

ICT: a central pillar of our economy. The role of the information and communication industry in the German economy

A security infrastructure

The value chain changes…

[Diagram: today's smartphones: Processor IP (ARM), Silicon Provider (SiP), Device Manufacturer (OEM/ODM), Device Vendor (e.g. MNO), App Provider, End User Handset. Smartphones with TEE: the same chain plus a Security Provider, a Trusted Service Manager and the Service Provider]

G&D offers an Authentication Platform

[Diagram: G&D offering between users / devices and service providers: a device component and a server component (authentication) communicating over Internet WAN/LAN, supporting different authentication methods / approaches, plus an OTA management service (TSM)]

Different applications demand different levels of security

• Highest security demand in the public & financial sector
• Additional security elements required for high-level security

Security level, from highest to lowest:
• eHealth, 3rd party portal, government services, ID management, mPayment, mBanking
• Secure FOTA, license management, OTP, online gaming, online gambling, secure debugging, mobile TV
• mAdvertising, LBS, loyalty, navigation, news flash, email encryption, MP3, video, viral distribution, logical access control, personal content protection, social networking (Facebook, MySpace, Xing), ticketing

Source: articles, customer interviews, internet, partner interviews …

MobiCore and additional Secure Element

TEE – a way for more security in mobile devices?
