GlobalPlatform releases new Trusted Execution Environment specification
26 July, 2010
category: NFC
GlobalPlatform has announced the launch of a Trusted Execution Environment (TEE) Client Application Programming Interface (API) Specification designed to support mobile devices entrusted with sensitive information.
The TEE is a secure area that resides in the main processor of the phone and guarantees that sensitive data is stored, processed and protected in a trusted environment.
With the ability to work independently or complementary to a secure element and standard handset applications, one of the key appeals of the TEE is its capability to create a trusted user interface, according to GlobalPlatform. For example, a mobile payment application can display payment information in a window of the mobile device screen and the end-user can input a PIN to accept the wireless transaction in the same window.
GlobalPlatform’s TEE Client API Specification, designed specifically for smart phone operating systems, establishes communication interoperability and supports the migration of sensitive services into the TEE, enabling an application to become isolated, easier to control and secure, says GP.
Christophe Colas, Chair of GlobalPlatform’s Device Committee, comments, “Downloading applications directly onto a wireless device is increasing in popularity, yet it is raising the end user’s risks towards privacy and theft of sensitive or valuable data. Phones are vulnerable to viruses and malware, and we are not fully aware of the impact such unknown threats will have on a mobile handset. GlobalPlatform supports the use of the TEE as a foundation that will facilitate the deployment of sensitive applications such as digital content protection as well as access to enterprise applications and mobile financial services on a device, while protecting against malicious attacks.
“In addition to launching the specification, we have formed the TEE Road Map Working Group as part of the Device Committee. As well as defining the internal TEE API, the group will generate a white paper explaining the role, definition and value of the TEE, and a road map to facilitate the production of the different versions of the APIs. The specification is a new step to promote the interoperability of the TEE, and with the creation of the working group we will continue to dedicate resources to support this technology in achieving its potential.”