Google details how the Titan M chip makes the Pixel 3 secure and safe

Google details how the Titan M chip makes the Pixel 3 secure and safe

The Titan M chip is based on an ARM Cortex-M53 microprocessor and keeps the Pixel 3 secure in four robust ways.

The Pixel 3 phones have a 'verified boot' mechanism which checks if you're running the right version of Android. That mechanism is powered by the custom Titan M chip. The chip keeps a record of the last known safe Android version. It also blocks hackers and malware from downgrading to an older version to exploit security loopholes present in them. In case the phone is infected by a malware, the chip stops the malicious code from unlocking the bootloader and change root-level codes.

The Titan M is based on an ARM Cortex-M3 processor and also helps in keeping the lockscreen secure. Pixel 3 phones (and most Android phones are encrypted) the moment you turn off your screen. The Titan M chip on the Pixel 3 takes things up a notch by enforcing login attempt limits. It also lets the system decrypt if the passcode is verified. As a result, if you forget your passcode, there’s very you can do to recover it.

Google also noted that the Titan M keeps important information like authentication info, payment transaction info, etc. in a secure enclave. The chip itself is kept physically away from the main chipset. That brings down the chances of data getting compromised through side channels. Android 9 comes with StrongBox KeyStore APIs that relies on the Titan M to store private keys of users. Further, there’s a Protected Confirmation API that “help to ensure the user (not malware) has confirmed a transaction.”

The Titan M chip itself is kept secure with a passcode that is set by the user. Without the valid code, the chip’s firmware cannot be updated. As a result, even if the lock screen is bypassed, malicious firmware cannot be installed on the chip, at least in theory.

Google will make the source code of the Titan M firmware public sometime in the future for developers to play with.

The Pixel 3 phones, as a result, seems to be just as secure as the Apple iPhones that also feature a secure enclave in the chip that keeps private keys like transaction info, passwords, etc. sandboxed in a separate unit. Samsung’s flagship devices like the Galaxy Note 9 also feature Knox that mostly do the same thing. Then there are the Blackberry devices that are considered one of the most secure smartphones to use.

Most of Google’s rivals in the smartphone industry, especially the popular flagship phone makers are vying for a larger chunk of the enterprise market. By ensuring hardware-level security for the Pixel 3 phones, Google is pushing for a wider adoption of the Pixel 3 phones in the enterprise segment.