While not a replacement for the embedded chip or other secure elements in NFC phones, the trusted execution environment on ARM-based smartphone processors can complement security of NFC applications, noted U.S.-based Qualcomm.
Qualcomm, which is the largest supplier of smartphone processors worldwide, plans to promote integration of the trusted execution environment, or TEE, with its NFC technology, due on the market later this year. Qualcomm hopes to sell OEMs (original equipment manufacturers) on the combination of NFC and the TEE.
At a presentation in May at the NFC Solutions Summit in San Francisco, Qualcomm’s Neeraj Bhatia noted that the TEE could secure the user interface running on smartphones, including PIN entry connected with an EMV application on a secure element.
The TEE also could secure storage of sensitive data on the handset, safeguard access between the phone and applications on SIM cards or embedded chips and likely enable mobile POS products.
While none of these proposed uses for the TEE is new–and they have been proposed by the joint venture, Trustonic, formed last year between UK-based ARM Holdings and smart card companies Gemalto and Giesecke & Devrient–Qualcomm is making it clear it wants to sell the integration between the TEE on its Snapdragon processor chips with its new NFC technology.
Qualcomm said it expects to have its standalone NFC chip, the QCA1990, in devices during the second half of this year.
“NFC, the way Qualcomm looks at it, is a platform play,” Bhatia said. “It requires complex system-level integration. The trusted execution environment has a very important role to play in the market. It enhances platform-level security, it has really strong intersection with all the verticals that NFC is focusing on, and it’s very complementary to hardware-based secure elements.”
The company will work with one or more of the embedded secure element providers now marketing chips for NFC phones, and NFC Times has learned it might commission its own operating system for embedded chips and hire its own trusted service manager. Qualcomm has denied this.
Processor Intel has hired its own TSM for the embedded chips in its reference designs for smartphones, though Intel has a very small share of the processor market for smartphones, unlike Qualcomm.
“At this time we have not announced any interest or plans for our own secure OS or TSM,” he told NFC Times. “However, as mentioned before we are working with a number of leading eSE and TSM providers.”
Qualcomm already supports digital rights management applications on the trusted execution environment without NFC, such as DRM for Hollywood movies. Keys are stored on the TEE to secure the content.