ARM joint venture aims to secure phones and tablets

ARM joint venture aims to secure phones and tablets

Summary: A Cambridge-based joint venture with mobile security experts Gemalto and Giesecke & Devrient provides ARM's answer to Intel's McAfee acquisition, which was largely aimed at the same market

SHARE:
TOPICS: Security, Processors
1

ARM, the British engineering firm whose processor design is found in almost every mobile handset, has revealed a partnership dedicated to developing a common security standard for all connected devices.

The joint venture with security technology firms Gemalto and Giesecke & Devrient will be set up in Cambridge, where ARM is headquartered. The intention is to create a single standard for a 'trusted execution environment' (TEE), used to secure ARM-based smartphones, tablets, smart TVs and games consoles, the chip designer said on Tuesday.

"The integration of the hardware, software and services necessary for system-wide security has been slow," ARM's chief executive Warren East said in a joint statement. "I am confident that this new joint venture will accelerate the adoption of a common security standard, enabling a vibrant ecosystem of secure service providers to emerge."

The TEE will provide a secure method for accessing applications and services on phones and other devices, according to the partners. "This includes mobile payment, enterprise productivity and mobile banking applications, as well as online commerce and premium content services," ARM said.

As Netherlands-based Gemalto and German provider Giesecke & Devrient are two key players in mobile security, the joint venture will need approval from the European Commission before it goes ahead, a spokesman for ARM told ZDNet UK. He added that the green light is expected to come in the next few months, after which the joint venture will begin operations.

The move comes as the British chip designer faces renewed pressure from Intel. Its rival is also trying to get its low-powered chipsets into connected devices, particularly phones and tablets, that often use ARM technology instead.

Intel made its own big security play by buying McAfee for almost £5bn at the start of 2011, in a deal largely aimed at securing connected devices.

Terms of the agreement

Under the terms of the agreement, ARM will own 40 percent of the joint venture. Gemalto and Giesecke & Devrient, which both have extensive experience in developing TEEs, will each own 30 percent.

All three will contribute patents, software, employees and "cash and capital equipment" to the venture, they said. The as-yet-unnamed joint venture will effectively take over Gemalto and Giesecke & Devrient's existing relationships with customers for their Trusted Logic Mobility and Mobicore products respectively.

Mobicore is a TEE that can be securely managed over-the-air. Giesecke & Devrient has been working with ARM for two years on combining Mobicore with ARM's TrustZone technology so as to make smartphone-based banking transactions more secure.

Gemalto also has experience in securing mobile payments, through partnerships with processor manufacturers such as STMicro.

"The new venture unites the leading players in trusted execution environments and will accelerate the market for secured services," Giesecke & Devrient chief executive Karsten Ottenberg said in the statement.


Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.

Topics: Security, Processors

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • What all need to keep in mind is that hardware based secure endpoint devices using ARM's "TrustZone" security extension are just part of the equation. The question is, how do these devices interface to a common trust infrastructure network? Who has conceptualized it?
    anonymous