Fri. Aug 14th, 2020

Google added a Android Protected Confirmation API to Android P

2 min read

At present, Google has already used some Titan M chips on its own Android devices to support the protected confirmation mode in the latest version of Android to prevent attacks and fraud.

The Protected Confirmation mode is designed to ensure that users are not fraudulent when making transaction confirmations, which may come from applications or hackers.

Critical applications can call protected acknowledge mode:

According to Google’s design application, the protected confirmation mode can be freely called, and the control will be handed over to the pattern, and the transaction data will be displayed on the screen.

Then, the user is given the full details of the verification data and the transaction information. When the confirmation is clicked, the data will be signed and encrypted and cannot be forged.

The key security technology is that the encryption key only exists in the hardware sandbox of the protected acknowledge mode, so any malicious application can’t defraud the user.

New technology promotion will take more time:

Although Android already supports this new technology, it still needs the support of the manufacturer, that is, the dedicated Titan M chip can be added to the device.

At the same time, regarding encryption, the key is negotiated between the device and the counterparty, such as a bank contract. Each time the transaction confers an encryption key, the data can be encrypted.

Therefore, this aspect can also be used by technical support from banks or payment websites. Currently, only a few US banks support this feature.

Google said the company is working with other mobile device manufacturers to push more smartphones with Titan M chips to protect users’ transactions.

Via: xda-developers