Google Details New Pixel 2 Security Module

PHOTO: GOOGLE

Google Details New Pixel 2 Security Module

The goal of the new security module, Google said, is to prevent attackers from decrypting your data without knowing your password by reinforcing the lock screen against attacks.

  • By Jessica Davis
  • Nov 16, 2017

In a blog post Tuesday, Google detailed the new tamper-resistant security module built into its new Pixel 2 smartphone. The goal of the new security module, Google said, is to prevent attackers from decrypting your data without knowing your password by reinforcing the lock screen against attacks.

The Pixel 2’s new tamper-resistant security module comes in the form of a chip, separate from the System on a Chip. The chip includes its own flash, RAM, processing unit and other resources inside a single package. In its post about the Pixel 2 security module, Google emphasized the following three features:

  • Lock-screen protection: Android uses your lock-screen password to derive the key that is used to encrypt your data. With this new chip, Google said, “the passcode verification takes place in this secured hardware module instead of the software. Since the dedicated chip is responsible only for this function, it will be difficult for the hackers to employ software-based brute force techniques.”
  • Protection against physical attacks: Because it’s self-contained, the security module chip fully controls its own execution and can resist external tamper attempts. “The package is resistant to physical penetration and designed to resist many side channel attacks, including power analysis, timing analysis, and electromagnetic sniffing,” Google said. “The hardware is also resilient against many physical fault injection techniques including attempts to run outside normal operating conditions, such as wrong voltage, wrong clock speed, or wrong temperature.”
  • Protection against software attacks: The module also helps protect against software-only attacks because of its very small attack surface, which is attributed to its being a dedicated hardware used for few, specific functions.  According to Google, “with passcode verification happening in the security module, even in the event of a full compromise elsewhere, the attacker cannot derive your disk encryption key without compromising the security module first.” The module, Google adds, is designed in a way that ensures nobody, including Google, can update the passcode verification to a weaker version without first knowing your password.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

  • Security Today Announces 2025 CyberSecured Award Winners

    Security Today is pleased to announce the 2025 CyberSecured Awards winners. Sixteen companies are being recognized this year for their network products and other cybersecurity initiatives that secure our world today. Read Now

Most   Popular

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.