Google Details New Pixel 2 Security Module

PHOTO: GOOGLE

Google Details New Pixel 2 Security Module

The goal of the new security module, Google said, is to prevent attackers from decrypting your data without knowing your password by reinforcing the lock screen against attacks.

  • By Jessica Davis
  • Nov 16, 2017

In a blog post Tuesday, Google detailed the new tamper-resistant security module built into its new Pixel 2 smartphone. The goal of the new security module, Google said, is to prevent attackers from decrypting your data without knowing your password by reinforcing the lock screen against attacks.

The Pixel 2’s new tamper-resistant security module comes in the form of a chip, separate from the System on a Chip. The chip includes its own flash, RAM, processing unit and other resources inside a single package. In its post about the Pixel 2 security module, Google emphasized the following three features:

  • Lock-screen protection: Android uses your lock-screen password to derive the key that is used to encrypt your data. With this new chip, Google said, “the passcode verification takes place in this secured hardware module instead of the software. Since the dedicated chip is responsible only for this function, it will be difficult for the hackers to employ software-based brute force techniques.”
  • Protection against physical attacks: Because it’s self-contained, the security module chip fully controls its own execution and can resist external tamper attempts. “The package is resistant to physical penetration and designed to resist many side channel attacks, including power analysis, timing analysis, and electromagnetic sniffing,” Google said. “The hardware is also resilient against many physical fault injection techniques including attempts to run outside normal operating conditions, such as wrong voltage, wrong clock speed, or wrong temperature.”
  • Protection against software attacks: The module also helps protect against software-only attacks because of its very small attack surface, which is attributed to its being a dedicated hardware used for few, specific functions.  According to Google, “with passcode verification happening in the security module, even in the event of a full compromise elsewhere, the attacker cannot derive your disk encryption key without compromising the security module first.” The module, Google adds, is designed in a way that ensures nobody, including Google, can update the passcode verification to a weaker version without first knowing your password.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • Brivo, Eagle Eye Networks Merge

    Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

Most   Popular

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.