Applus+ experts participated in the development of the new GlobalPlatform (GP) certification scheme to evaluate Trusted Execution Environments (TEE) in smart devices
Applus+ Laboratories launches a new service to evaluate the security of Trusted Execution Environment under the recently published
GP TEE security certification scheme. As a full member of GlobalPlatform, Applus+ has participated in the development of this new methodology to evaluate TEE security, the attacks that must be performed and the certification process that must followed.
Applus+ was already accredited to
evaluate TEE functionality under GP standards, and now completes its portfolio with security evaluation services.
Trusted Execution Environment
TEE is a separated execution environment that runs alongside the Rich OS. TEE offers a middle ground solution for applications that need a secure and isolated environment (combining hardware and software), but require speed and memory that cannot be provided by a Secure Element.
The TEE can enhance security for any service provider that manages sensitive data, from payment credentials to Digital Rights Management. In the
mobile payment market, TEE can complement existing solutions. It can increase the security of HCE based transactions and improve the user experience for
SE-base payments.
Standardized and certified TEE
GlobalPlatform standardization of TEE offers multiple benefits in a complex environment, such as mobile secure connections. In contrast with TEE proprietary solutions, standardized TEE solutions guarantee a minimum baseline for platform security and interoperability. Standardization also helps to lower costs and brings more trust to all players in the environment. Furthermore, the adoption of standardized TEE is the key to implementing a certification scheme with third-party security and functionality evaluations.