Things only the user IS:
We’re on the verge of a new era of smart connected devices, generating a wealth of information about our environment and ourselves. As connected devices increase in number, malicious attacks and privacy violations are of mounting concern. To deal with these issues, we envision security that provides seamless authentication and preemptive protection while enhancing user privacy.
Security & Privacy Vision
Jun 29, 2015
Today’s passwords provide some security, but they’re inconvenient. We foresee users being continuously and seamlessly authenticated based on who they are, what they do, and the devices they have. Users can be naturally authenticated as they use their devices throughout their daily activities. To provide a convenient, user-friendly experience, the authentication engine automatically chooses the appropriate combination of factors, while staying within the power and thermal constrains of mobile devices.
Things only the user IS:
Things only the user DOES:
Things only the user HAS:
Traditional signature-based security solutions can only detect a limited amount of known malware that has been previously identified and assigned a signature. We envision security solutions that provide early detection of unknown malicious attacks through machine learning-based behavioral analysis. This complements signature-based security solutions by identifying transformed and unknown malware through the detection of abnormal behaviors.
Today, users may need to share their personal data in order to enjoy personalized experiences. We believe that users should be able to control their personal info and be aware of possible privacy violations and unnecessary sharing of that data. Future security solutions will enhance user privacy through on-device processing, data encryption, and behavioral analysis solutions that continuously monitor and flag suspicious activities.
We foresee personal data staying protected with on-device security solutions. On-device processing provides several benefits:
Ability to enjoy services without the need to upload sensitive personal data to the cloud
On-device storage of keys and biometric data
Ability to deal with zero-day malware and phishing attacks
Adapting to device capabilities and user preferences
Building industry leading security solutions starts with creating a hardware-based secure foundation. Hardware based solutions provide a high degree of security and robustness without compromising performance or power efficiency. For example, cryptographic accelerators enhance performance and security with hardware keys that are inaccessible to software. Through its secure execution environment, a hardware-based solution enables secure boot and trusted execution of code, offering various benefits:
Ensuring overall system security and device health by embedding security in silicon and firmware
Providing robust security with minimal overhead and maximum power efficiency
Exposing hardware-based security services to 3rd parties through standards
Cognitive technologies are making security more intuitive, enabling more robust security and increasing the protection of user privacy. Behavioral analysis uses machine learning to classify device and user activity, detecting any anomaly. For example, it can detect if a gaming application is trying to access the user’s health record and flag this activity.
Selecting appropriate authentication factors based on context and availability
Identifying unknown and transformational malware
Identifying privacy violations and abnormal behaviors
By building on our hardware-based foundation, we’ve offered proven security solutions for billions of devices since Qualcomm SecureMSM technology was introduced in 2008. We take a holistic system approach, working on end-to-end solutions with custom-designed security hardware.