1 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

The future of mobile security

Asaf Ashkenazi Director, Product Management Qualcomm Technologies, Inc.

3 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Qualcomm® Security Solutions

Qualcomm Security Solutions and Qualcomm SecureMSM are products of Qualcomm Technologies, Inc.

Qualcomm Technologies offers a multidimensional security solution that is designed to help:

• Protect mobile device users and the security and integrity of their mobile devices

• Make device security easier

• Enable access to content with strict copyright protection

Qualcomm®

SecureMSM™ Technology

Authentication Enterprise

Theft Deterrence

Content Protection

4 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

SecureMSM

5 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Secure

MSM

SecureMSM - Security designed to go deep Secure boot

• A secure system foundation consists of the hardware platform and the code that executes on that platform. Unauthorized modification of that code can lead to a breach of the security system. In order to deter unauthorized modification or replacement of the system stored code, SecureMSM incorporates secure boot.

• Qualcomm Technologies’ secure boot is an on-chip tamper resistant ROM based boot-up process that verifies the authenticity and integrity of critical code and data stored in flash memory.

• Qualcomm Technologies’ secure boot process gains control of the system immediately after reset by executing a known code resident in on-chip ROM. This code is the system’s root of trust that authenticates the code used by the device.

<code>

6 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

SecureMSM - Security designed to go deep Trusted execution environment

• Protect the device’s most valuable assets from malware.

• Qualcomm® Secure Execution Environment, using ARM’s TrustZone technology, is a controlled and separated environment that allows trusted execution of code.

• This code is executed outside of the device operating system. QTI’s Secure Execution Environment is designed to reduce the damage of viruses, Trojans and rootkits.

• Hardware access control to block malware access to critical devices such as touchscreen, camera and fingerprint reader.

Secure MSM

BANKING APP

LOGIN

PASSWORD

login@qualcomm.com

*********

Qualcomm Secure Execution Environment is a product of Qualcomm Technologies, Inc.

7 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

SecureMSM - Security designed to go deep Cryptographic accelerators

• Hardware data encryption, to enhance the performance and security of cryptographic operations.

• High-speed cryptographic accelerators, capable of handling multi-data channels while maintaining context separations.

• Connects to 256-bit secure hardware key that cannot be accessed by software running on the device and can only be used by the cryptographic accelerator.

• An essential part of the device’s security, performance and power efficiency.

ζ#

Secure

MSM

Hello World

CPU

8 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Authentication

9 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Your device – your identity

PASS.

BYOD

?

10 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

• Fingerprint − Sensor on device that captures user’s fingerprint designed to provide

added level of security

• Voiceprint − Integrated audio solutions with hardware recognize individual voice

patterns

• Iris − Computer vision technology sophisticated enough to identify unique

attributes of users eyes

• Secure PIN & Anti-Phishing − Secure UI-based PIN authentication

Authentication solutions

A

C

E

B

D

F

11 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

• Secure location

− Supplemental information to authentication from the hardware to help prevent tampering

• Secure time

− Tying time periods to device infrastructure that help authenticate users more securely

Secure location and context

12 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Your Device – Your Identity

User Experience

Multi Authenticators

Attestation

Privacy

13 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Theft prevention

14 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

The FCC: “Epidemic of robberies involving smartphones”

1Source: the Office of the New York State Attorney General, SECURE OUR SMARTPHONES INITIATIVE 2Source: London Metropolitan Police 3Source: FCC, http://www.fcc.gov/document/announcement-new-initiatives-combat-smartphone-and-data-theft

More than 40% of all robberies in New York City involve smartphones and other cell phones3

In 2013, nearly half (49%) of London robberies involved a mobile device2

Other major cities have similar statistics, with robberies involving cell phones comprising 30-40% of all robberies3

Robberies are, by definition, violent crimes, and there are many instances of robberies targeting cell phones resulting in serious injury or even death3

In 2013, thieves stole an estimated 3.1 million mobile devices in the United States1

15 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Kill Switch components

Device

Device Lock

Control

Kill switch Backend

Database

Lock/unlock

16 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Concern #1: Fraudulent kill command

Device

Device Lock

Control

Kill switch Backend

Database

Locked

17 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Concern #2: Factory reset / re-flash attack

Locked Unlocked Factory

Reset Phone Stolen phone

Phone Unlock Tool

18 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Qualcomm Technologies, Inc. kill switch client* Built on top of SecureMSM

Kill switch Guardian

Device Kill

Function

Authentication Engine

Lock

Unlock

Kill switch Backend

Database

Inside the device

19 ©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

For more information on Qualcomm, visit us at: www.qualcomm.com & www.qualcomm.com/blog

©2013-2014 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved. Qualcomm and SecureMSM are trademarks of Qualcomm Incorporated, registered in the United States and other countries. Uplinq is a trademark of Qualcomm Incorporated. All Qualcomm Incorporated trademarks are used with permission. Other products and brand names may be trademarks or registered trademarks of their respective owners. References in this presentation to “Qualcomm” may mean Qualcomm Incorporated, Qualcomm Technologies, Inc., and/or other subsidiaries or business units within the Qualcomm corporate structure, as applicable. Qualcomm Incorporated includes Qualcomm’s licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm’s engineering, research and development functions, and substantially all of its product and services businesses, including its semiconductor business, QCT.

Thank you FOLLOW US ON: