The cyber science behind Samsung Knox Vault: Protecting the data that matters most

Nearly a decade ago, Samsung set out on a mission to build the most trusted and secure mobile devices in the world. With the introduction of our defense-grade Samsung Knox platform at MWC in 2013, we put in place the key elements of hardware-based security that would help defend Samsung mobile devices and our customers’ data against increasingly sophisticated cyber threats.

Samsung Knox has since evolved into more than a built-in security platform, now encompassing a full suite of mobile management tools for enterprise IT administrators. With Knox security, you’re covered from chip to cloud, whether you’ve chosen the Galaxy S23 series for the embedded S Pen on the S23 Ultra or the foldable Galaxy Z series for the expansive Galaxy Z Fold4 or compact Galaxy Z Flip4. Still, our mobile product planners, developers, and security engineers have remained laser-focused on answering the primary question: How do we remain a step ahead of hackers and keep our users safe at all times?

Samsung Knox Vault represents the latest step in that journey. It’s the logical evolution of something we’ve been working on for years: an isolated, hardware-based, and highly secure environment for the most critical information on your devices.

To understand what Samsung Knox Vault is, let’s first run through a quick history of how the principle of isolation has been a longstanding approach to fortifying Samsung’s Knox mobile security platform.

The evolution of the Samsung Knox platform

In the early days of Android, the main focus was building a more open and flexible mobile operating system. Security was state-of-the-art for the time, inherited from the world of Unix and mainframe computers. But it became clear that smartphones were different. They were the most personal computers anyone had ever built.

Samsung quickly realized we needed a stronger threat model for such a personal device, particularly to give extra protection to critical information such as private keys and digital certificates. That’s where the idea of using trusted execution environments (TEEs) on our mobile devices came in. Within the ARM processors in our Galaxy smartphones, we pioneered the use of TEE-based protections using a feature called TrustZone.

TrustZone isolates the software that manages the most sensitive device data — passwords, biometrics, and cryptographic keys — by running a different OS alongside Android. In this new model, when a password or fingerprint needs to be checked, Android no longer has direct access to your password or fingerprint data. Instead, Android must request a TrustZone applet to do the sensitive work on its behalf, such as decrypting data or verifying your fingerprint. With TrustZone, sensitive cryptographic and biometric data is never exposed to the Android OS or public apps.

Even with highly sophisticated malware, a successful breach of sensitive data would require much more than finding a known Android vulnerability and writing an exploit; it would require simultaneously breaking through the much stricter TrustZone protections. And since TrustZone is so focused, it exposes few interfaces, or “surfaces,” to target, which makes it easier to protect. All this makes an attack significantly harder.

TrustZone, combined with other Samsung Knox platform layers such as Real-Time Kernel Protection, set a new benchmark for hardware-based device security. But for Samsung engineers, security is a passion bordering on obsession. When looking at TEEs, we asked ourselves, “How can we make this even more secure?”

The emergence of Samsung Knox Vault

Any chief information security officer (CISO) would agree that isolation increases security. TrustZone is mostly independent, but there remain overlaps and shared resources between TrustZone and the Android OS. Critically, they share the main central processing unit (CPU) and memory, which puts the onus on low-level software protections to keep information isolated. The more we separate sensitive data from the main OS, the more protected that data will be in the event of a breach. After all, you are only as secure as your weakest link.

Samsung Knox Vault brings a combination of security-specific hardware (a new secure processor and isolated secure memory) and new integrated software that shields your most secure data from the Android OS and applications. The way we think of it, TrustZone was a great safe in the middle of your bank’s branch office. There are a lot of people you don’t necessarily trust walking by the safe, doing day-to-day work that doesn’t require physical access to the safe. The secure processor in Samsung Knox Vault is more like Fort Knox: a safe securely placed far away from the bank, isolated from whoever walks into the branch.

With Samsung Knox Vault, we’ve focused on designing a secure and highly protected place for our own trusted software. Its job is solely to manage and protect the most critical information: PINs, passwords, biometrics, digital certificates, cryptographic keys, and other sensitive information.

How the secure processor adds protection

Samsung Knox Vault is the natural extension of the hardware-based security that Samsung has been building within Galaxy smartphones. Our engineers considered the challenge of enhancing security as a question of trust: What pieces of the system must be trusted? Then: How can we reduce the number of things we trust so we don’t have to worry about that piece being compromised? That line of questioning led us to Samsung Knox Vault, and its key components like the secure processor.

Samsung Knox Vault enhances the protection that TrustZone provides. The secure processor operates independently of the main CPU running the Android OS, further enhancing our security posture and minimizing shared components to mitigate potential vectors for attack.

Software-based attack vectors are not the only vectors we analyzed. Samsung also took into consideration “physical” attacks on your smartphone. These are sophisticated attacks by someone who has physical possession of your phone and wants to pry out the secrets inside. When someone tries to tamper with the phone electronics directly — for example through laser light or electromagnetic fault injection — the secure information in the vault can self-destruct so access is prevented.

For many of our customers, these kinds of physical attacks may seem far-fetched; there is a perception that smartphones are stolen because their hardware is profitable, not because they have incredibly important information stored on them. But in the age of the hybrid workplace, more people are now storing highly valuable information on their smartphones, including confidential corporate data, not to mention personal blockchain wallets and password managers. In particular, for our enterprise or government customers who are responsible for protecting sensitive financial, healthcare, or even classified defense information, advanced physical attacks are a legitimate concern.

We’re committed to leaving no stone unturned in mitigating security risks, including these critical edge cases. Fundamentally, Samsung Knox Vault’s physical security gives you another layer of protection, so even hackers who gain physical possession of the device can’t get to the information stored deep inside.

Samsung’s customers have trusted us to be constantly working to improve the security of our hardware and software, and we are grateful for that trust. Samsung Knox Vault — which is integrated into our latest flagship smartphones including the Galaxy S23 series and Z series — shows our commitment to delivering the highest level of security for their mobile devices and most sensitive data.

Where is your company on the mobile maturity curve? Take this short, free assessment to see how your mobile security approach stacks up. Or, read more about how Samsung Knox protects your devices.

David Thomson

David Thomson is a security expert who started his career working on Department of Defense contracts. His projects focused on protected classified data on Linux-based workstations and network appliances. He came to Samsung Research America in 2013 as a security engineer and helped bring Security Enhanced Linux (SELinux) protections to the Android OS. He has since worked as Product Manager for the core Knox security platform and now supports the Knox software and support sales team at Samsung Electronics America.