Mobile Devices are everywhere; they are our door to the virtual world and provide us an extensive list of new services and applications. NFC payment, access to media contents, access to public transport, access to restricted areas or services, biometric authentication, etc.
All of the use cases above and many more require the mobile device to handle sensitive data, for instance: passwords, biometric templates, PINs, payment tokens and limited keys.
So far, the best way to get end user critical data protected in a mobile device has been using what is known as the Secure Element (SE). SE however, has some constraints, such us small memory size, limited process capacity and difficult to interact with. On the other hand, data can also be protected in the mobile phone by using software-based secure technologies which do not rely on hardware-based technology at all. At this point of time, software-based technologies are not mature and therefore offer a less degree of protection than the SE.
Nevertheless, there is a midway - The Trusted Execution Environment (TEE). This offers a tradeoff between SE and software-based security. It provides a good level of protection while flexible enough to address the needs of new mobile applications.
In this context, UL is the best partner to help our customers to get ready to meet GP security requirements and guide them to successfully achieve TEE GP Certification.
UL is a GlobalPlatform pre-certified laboratory according to GlobalPlatform TEE Certification Scheme to provide TEE Security Evaluation.
Any TEE developer can leverage on UL expertise to get their product successfully evaluated and certified by GlobalPlatform.
GlobalPlatform has developed the TEE Certification Program which creates a framework enabling vendors to claim conformance of their TEE products, according to GlobalPlatform TEE Protection Profile.
UL will walk their customers through the GlobalPlatform TEE Certification process to get completely prepared and to be successful on it.