Okay, it’s time to head out the door, so make sure you have your phone, keys and wallet.
There are a lot of things to carry around, so what if you just had to take your phone with you? After all, your keys and wallet are just legacy authentication tools. We could completely replace them with a phone! That’s the future Google is working towards as it pushes Android forward with support for driver licenses and digital car keys.
Google’s latest work is working to normalize the Android ecosystem around hardware and software, called the “Android Ready SE Alliance,” which does all this work. “SE” is here as a “secure element,” a hardware component quarantined from the rest of the system, designed to run only secure computing functions such as NFC payment. The idea is that phone manufacturers will be able to buy “Android Ready SE” from secure element vendors such as NXP, Thales, STMicroelectronics, Giesecke + Devrient, and Kigen, and Google says the manufacturers SE sales that “come together with Google to create a set of open source, proven and ready – to – use SE Applets” that support these emerging usage issues.
With this new SE customization effort, Google wants to support “digital keys” for your car, home, and office; mobile driver licenses; National IDs; ePassports; and the standard tap-and-go payments. Google notes that this campaign is not just for phones and tablets; Wear OS, Android Automotive, and Android TV are also supported. It’s great to have a car key in your watch or a driver’s license in your car’s computer, but Android TV? Why would I want a driver’s license in my television?
Google outlines the full requirements for Android Ready SE:
- Select the appropriate, certified hardware part from their SE vendor
- Enable SE to boot from boot device and provide root-trust (RoT) parameters via SPI interface or cryptographic connection
- Work with Google to provide Keys / Authentication Certificates in the SE factory
- Use the GA version of the StrongBox for the SE applet, modified according to your SE
- HAL code integration
- Enable SE update tool
- Run CTS / VTS tests for StrongBox to verify that the integration is performed correctly
What is not clear from Google’s announcement is the difference between supporting StrongBox, Android’s standard for tamper-resistant hardware security model, and being tested for “Android” Ready SE. ”StrongBox modules include their own CPU, secure storage, and a true random number generator, and communicate with the rest of the system over Keymaster HAL. StrongBox has been supporting Qualcomm chips through Qualcomm’s “Secure Processing Unit” (SPU) from Snapdragon 845. 2018 Today it looks like even at the lower end of Qualcomm’s line has a Secure Processing Unit, like the Snapdragon 460.
Qualcomm SPU not good enough?
Qualcomm is absently obvious from Google’s blog post and the list of supported chipsets, so does the whole point of this campaign say that secure on-the-fly elements aren’t good enough? The Google Pixel team has certainly moved that way with the development of the Titan M Security Chip in the Pixel 3 and up, and Samsung is now building its own security element, too, for flagship phones. . issues in Android. This may lead one to believe that the blog post is pushing for secure elements that do not die, but it is not clear how Google can use the word “largest” if it does not. -it counts Qualcomm’s SPU We have requested clarification and will update this report if the company gets back to us.
Google isn’t the only company trying to discount your daily load. Apple is working on digital IDs and car keys for iPhones, and Samsung is partnering with individual car manufacturers to try to beat Google to the punch on Android. There have also been plenty of major car apps from companies such as BMW and Tesla.
For now, Google says it prioritizes Mobile driver licenses and car keys. The company says they are working with the ecosystem to deliver the SE applets for both of these use cases “in conjunction with compatible Android feature notifications.” Android for mobile driver licenses API Certificate of Identity launched with Android 11. The holdup here is basically that a local government agency has to pass a law authorizing digital IDs and then an app Make a digital ID. As far as we can tell, there is no Android feature notification for digital car keys yet, even in Android 12. Once that is announced, we hope to support the Car Connect Consortium Digital Key status, Android and iOS would be set to the same car key level.
We keep an eye on.