Google releases Android Q Beta with added biometric authentication support

Introducing Android Q Beta — Google — “In Android Q we’re extending support for passive authentication methods such as face, and adding implicit and explicit authentication flows. In the explicit flow, the user must explicitly confirm the transaction in the TEE during the authentication. The implicit flow is designed for a lighter-weight alternative for transactions with passive authentication. We’ve also improved the fallback for device credentials when needed.”



ETSI mandates hardware security for consumer IoT devices

Technical specification: Cyber Security for Consumer Internet of Things — ETSI — “Provision 4.4-1: Credentials and security-sensitive data shall be stored securely within services and on devices… Secure, trusted storage mechanisms can be used to secure security-sensitive data, such as those provided by a Trusted Execution Environment (TEE) and associated trusted, secure storage, or the secure storage and processing capabilities of software running on a Universal Integrated Circuit Card UICC/embedded Universal Integrated Circuit Card (eUICC).”




NFC World welcomes 120 new members from 43 countries

NFC World+ Knowledge Centre

120 new members from 43 countries joined The NFC World Knowledge Centre in May 2018, bringing our total membership to more than 10,500 executives, technical experts and decision makers at banks, card issuers, mobile network operators, merchants, brands, device makers, regulators and policy makers around the world... More


Google releases SDK for securing applications with TEEs

Introducing Asylo: an open-source framework for confidential computing — Google — “Asylo is an open-source framework and SDK for developing applications that run in trusted execution environments (TEEs)… Previously, developing and running applications in a TEE required specialized knowledge and tools. In addition, implementations have been tied to specific hardware environments. Asylo makes TEEs much more broadly accessible to the developer community, across a range of hardware — both on-premises and in the cloud.”



GlobalPlatform adds biometric security APIs

GlobalPlatform secures biometric authentication and enriches trusted user interaction — GlobalPlatform — “These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS… Service providers and application developers now have a direct path to provide users with a richer and safer authentication experience and, importantly, to offer trusted biometric authentication that is secured in the hardware of the device’s Trusted Execution Environment (TEE).”


GlobalPlatform explains the role of standards in an increasingly diversified payments landscape

Cover: Standardizing the future of payments in an increasingly diversified world

The increasing diversity of devices, services and players in the mobile payments ecosystem has led to the need for standards and certification to manage fragmentation, prevent fraud and ensure consistent user experience, GlobalPlatform’s Gil Bernabeu explains in a new paper now available to download from the NFC World Knowledge Centre... More








Analysts report on Apple/Visa partnership

“We think a partnership between Apple and Visa would make strategic sense and believe an announcement could happen as early as this fall,” a team of Pacific Crest Securities analysts has concluded in a new report that follows reports suggesting that two are in talks on mobile payments... More



ARM, Gemalto and G&D introduce alternative to NFC secure elements

Trustonic

Trustonic, a joint venture set up by the three companies, will provide TSMs and service providers with the key to their own secure area within a trusted execution environment on an ARM processor, in exchange for a one-off fee, providing an alternative to secure element chips for applications requiring low- to mid-range security. More



Feed for stories about Trusted execution environment (TEE).