Today at the Global Platform Seminar on Trusted Execution Environments in San Jose, California, ST-Ericsson will be teaming up with Oberthur Technologies, the world’s second largest provider of security and identification solutions and services based on smart card technologies, to demonstrate how the combination of an embedded TEE and a SIM card can bring new values to telecom operators, device makers and end-users.
TEE is a technology offering tamper-proof, secure execution of code and also controls access to peripherals and/or data storage within a mobile device. Embedded in ST-Ericsson’s mobile platforms, the TEE can gather information and interact with the integrated modem to securely monitor the device’s integrity.
The combination of the TEE and the SIM enables to provide information to the network in a seamless way. This solution can help:
- Network operators make a reality based analysis of subsidies and fraud
- Device manufacturers remotely recognize, identify and manage faulty devices
- End-users and law enforcers track and find stolen devices, even if the device has been re-programmed with illegitimate software by the end-user, or, even worse, by mobile thieves
Marc Bertin, Chief Technology Officer of Oberthur Technologies had this to say: “Combining a TEE and our great expertise in mobile security and Over the Air management, this SIM-based solution will bring value to both operators and service providers through risk mitigation when applications with valuable assets run next to malicious applications. This becomes a critical issue when using sensitive data such as payment or identification credentials. I’m glad to announce that this first step opens a way new for services and value for operators and device makers”.
At the Global Platform TEE seminar, Oberthur and ST-Ericsson will show a real-life implementation of a solution where TEE and a SIM card interact to monitor the device and sends an alert message to the network operator, the device maker or the service provider if the integrity of the device is broken. All the actors of the ecosystem can then warn the end user of a problem on their device or even deny access to sensitive services in order to prevent data theft and fraud.
We are pleased to share that ST-Ericsson provides its customers with a fully integrated and customizable Trusted Execution Environment that can be used for a wide range of applications ranging from content protection to payment or device management spanning complete platforms including integrated or external modems.