Google Pixel 3's Titan M Chip Security Features Detailed

Share on Facebook Tweet Share Reddit Comment
Google Pixel 3's Titan M Chip Security Features Detailed

Google Pixel 3 and Pixel 3 XL come preloaded with the dedicated Titan M chip

Highlights

  • The Titan M chip on the Pixel 3 family protects on-device data
  • It is integrated into Verified Boot process to secure bootloader
  • The chip has an ARM Cortex-M3 microprocessor and 64KB of RAM

Google earlier this month unveiled the Pixel 3 and Pixel 3 XL as its new flagships. Among other great features, the latest Pixel family comes with a dedicated Titan M chip that is designed to deliver enhanced security. The search giant claims that the new chip offers the best of the Titan chip featured on Google Cloud data centres. It also comes as an upgrade of the tamper-resistant hardware security module available on the Pixel 2 series that protected its lock screen and strengthened disk encryption. The newest chip secures boot loading by getting integrated into the Verified Boot process. It is also touted to secure transactions in third-party apps.

In a blog post, Google has detailed the key features of the Titan M chip featured on the Pixel 3 and Pixel 3 XL. The company claims that with the new silicon, the Pixel 3 models have an "enterprise-grade security" that secures "most sensitive on-device data and operating system". The chip enables the bootloader to validate the Android version of your smartphone. The company says that the chip stores the last known safe Android version and prevents "bad actors" from moving back your handset back to run on an older, potentially vulnerable, Android version. Further, it prevents attempts to unlock the bootloader.

The Titan M chip also powers the lock screen passcode on your Pixel 3. Google says that it "makes the process of guessing multiple password combinations harder" by restricting the number of login attempts. This helps to reduce the amount of unauthorised unlocks. The chip also allows for decryption only upon successfully verifying your actual passcode. Similarly, it makes it harder for attackers to tamper security and gain backdoor access to decrypt your data by securing flash and enable a fully independent computation.

As mobile payments are rising in adoption, Google has also deployed the Titan M chip to secure sensitive transactions. App developers can use StrongBox KeyStore APIs to enable the dedicated chip to generate and store private keys for their apps. Google says that the Google Pay team is already testing out the new APIs that are a part of Android 9. Moreover, the Titan M chip also enables the Protected Confirmation API that exists within Android Pie to protect mobile transactions. "As more processes come online and go mobile -- like e-voting, and P2P money transfers -- these APIs can help to ensure that the user (not malware) has confirmed the transaction," Google's Xiaowen Xin of Android Security team writes in the blog post.

The Titan M chip is also touted to offer insider attack resistance. This means attackers won't be able to alter the scope of the new chip by tweaking its default firmware. Google says that the Titan M firmware "will never be updated unless you have entered your passcode."

A separate blog post on Android Developers portal highlights that since Titan M comes as a separate chip, it mitigates against the "entire classes of hardware-level exploits such as Rowhammer, Spectre, and Meltdown". The chip also resists access to its processor, caches, memory, and persistent storage from being used through the phone's native system. The chip includes an ARM Cortex-M3 microprocessor that is affirmed to resist side-channel attacks and augmented with defensive features "to detect and respond to abnormal conditions". Once powered on, the chip verifies the signature of its flash-based firmware using a built-in public key and then it begins its operations after validating the signature. There is also 64KB of RAM that can also preserve its contents in low-power mode.

Additionally, Google reveals that there are a number of hardware accelerators, including AES, SHA, and a "programmable big number coprocessor" to enable public key algorithms. "These accelerators are flexible and can either be initialised with keys provided by firmware or with chip-specific and hardware-bound keys generated by the Key Manager module. Chip-specific keys are generated internally based on entropy derived from the True Random Number Generator (TRNG), and thus such keys are never externally available outside the chip over its entire lifetime," the company explains in its developer-focused blog post.

Google says that the security will be able to audio the Titan M through its open-source firmware in the coming months. The chip will be exclusive to the new Pixel models, though some Android OEMs are likely to deploy similar technologies on their future phones.

 


Can Google Pixel 3 succeed in India without massive discounts? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

  • Design
  • Display
  • Software
  • Performance
  • Battery Life
  • Camera
  • Value for Money
  • Good
  • Excellent build, comfortable to handle
  • Intuitive software features
  • Very good cameras
  • HDR capable display
  • Excellent stereo speakers
  • Bad
  • Expensive
Display5.50-inch
Processor2.5GHz octa-core
Front Camera8-megapixel + 8-megapixel
Resolution1080x2160 pixels
RAM4GB
OSAndroid 9.0
Storage64GB
Rear Camera12.2-megapixel
Battery Capacity2915mAh
  • Design
  • Display
  • Software
  • Performance
  • Battery Life
  • Camera
  • Value for Money
  • Good
  • Excellent build
  • Intuitive software features
  • Very good cameras
  • HDR capable display
  • Excellent stereo speakers
  • Bad
  • Poor notch design
  • Expensive
Display6.30-inch
Processor2.5GHz octa-core
Front Camera8-megapixel + 8-megapixel
Resolution1440x2960 pixels
RAM4GB
OSAndroid 9.0
Storage64GB
Rear Camera12.2-megapixel
Battery Capacity3430mAh
Cortana Version 3.0 With UI Tweaks, New Utility Features Out in Beta for Android, iOS Users
Jio's Diwali '100 Percent Cashback' Offer Is Live, Rs. 1,699 Annual Recharge With 1.5GB Data per Day Launched
 
 

Advertisement

 

Advertisement