Samsung's new Galaxy Quantum 2 uses quantum cryptography to secure apps - ZDNet
Samsung's new Galaxy Quantum 2 uses quantum cryptography to secure apps - ZDNet |
| Samsung's new Galaxy Quantum 2 uses quantum cryptography to secure apps - ZDNet Posted: 13 Apr 2021 12:00 AM PDT  Developed together with SK Telecom, the Galaxy Quantum 2 is the second quantum-equipped smartphone released by Samsung. Image: SK TelecomSamsung is launching a new smartphone equipped with quantum cryptography technology, which promises to deliver a new level of security to consumer applications like mobile banking. Developed together with South Korean telecoms giant SK Telecom, the Galaxy Quantum 2 device will be -- at least for the foreseeable future -- only available to the South Korean public, and is the second quantum-equipped smartphone released by Samsung. With a 6.7-inch display, a 64MP main camera, and a Qualcomm Snapdragon 855+ chipset, the Quantum 2's feature set matches some of Samsung's flagship smartphones, with the additional security of quantum cryptography for some of the device's services. The Quantum 2's predecessor, called the Galaxy A Quantum, made its debut last year in South Korea, as the world's first 5G smartphone with integrated quantum cryptography technology. Like the new Quantum 2, the Galaxy A includes a quantum random number generator (QRNG) that's designed to secure sensitive transactions against the most sophisticated attacks. SEE: Network security policy (TechRepublic Premium) Developed by ID Quantique, the QRNG comes in the form of a 2.5mm-by-2.5mm chipset that leverages the unpredictable properties of quantum particles to generate completely random numbers. This is key to making cryptography keys more robust: the more random a security key, the harder it is to use logical mathematics to crack the code. Most classical systems rely on number generators that are deterministic, which means that it's possible, with enough compute power, to figure out what makes up the cryptography keys that protect sensitive data on a device. ID Quantique's system, on the other hand, uses an LED light source that beams photons onto a CMOS sensor. According to the laws of physics, the behaviour of photons as they are picked up by the sensor is random, and can therefore be translated into a key that's completely unpredictable. In the Galaxy A Quantum, those unhackable keys are used to protect various transactions, for example by generating stronger one-time-passwords during two-factor authentication. QRNG also increases the security of storage for sensitive data such as biometrics, which is needed to authorise payments through SK Telecom's Pay app, for example. SK Telecom also lets users create "quantum wallets" on their phones, where useful identity documents like licences, insurance claim documents or even graduation certificates can be encrypted with QRNG. The new Quantum 2 smartphone extends the number of services that can be secured with quantum encryption. SK Telecom's services like T World, Pass and T Membership, as well as mobile banking services with Shinhan Bank and Standard Chartered Bank Korea will be provided using QRNG. "The Galaxy Quantum 2 includes more quantum-secured applications than ever before, bringing applications and services to a new level of security in the mobile phone industry," said Grégoire Ribordy, CEO and co-founder of ID Quantique. The ID Quantique chip's capabilities will also work automatically with apps that use the Android Keystore APIs, which means that developers will have the opportunity to access the technology to develop more apps that support quantum cryptography. It's hard to tell how much excitement the news of quantum-secure services on a smartphone will generate among consumers. The technology seems rather niche from a user's perspective, and the Quantum 2's predecessor has, so far, made little impact outside of South Korea. That said, according to SK Telecom's latest statistics, the Galaxy A Quantum sold more than 300,000 units in the first six months following its release, figures the company described as among the highest sales volumes for Galaxy 5G smartphones released that year in South Korea -- with numbers comparable, for example, to sales for the S20 and Note 20. It's worth noting that the Galaxy S20 and the Note 20 recorded drastically lower sales than previous generations due to the impact of the COVID-19 crisis. SK Telecom nevertheless confirmed that discussions are ongoing to expand the lineup of quantum-equipped smartphones, with plans to open the technology to new applications, including to services provided by Samsung Card. "With the Galaxy Quantum 2, we have successfully expanded the application of quantum security technologies to a wider variety of services including financial and security services," said Han Myung-jin, vice president and head of marketing group of SK Telecom. "Our efforts will continue to keep expanding services that are safely and securely provided via the Galaxy Quantum 2." Pre-orders for the Galaxy Quantum 2 will open in South Korea from April 13 to 19, and the device will officially launch in the country on April 23.  |
| How to Protect Your Mobile Application Against Cyber Attacks - Legal Reader Posted: 26 Apr 2021 11:15 AM PDT It is important to remember that preventing significant cyber threats from attacking your smartphone apps is more appropriate a strategy than combating them. Let us not forget that there are close to 5 million apps on the Apple App Store and Google Play Store together. The explosive growth of mobile apps is also giving birth to new and newer security risks. Naturally, app developers are always on the lookout for tested and tried means to protect their apps from cyber attacks. Let us explain here some of these tried, tested, and reasonable means to safeguard your apps from cybersecurity threats. Optimising Code To ensure optimum app security, app developers must always use a highly secure framework for building the application. This will help them avoid most of the coding errors. The coding errors and design faults can allow the attackers to get easier access to app data. This is why developers need to consider security aspects just like a hacker. On top of this, the developers also need to protect the apps with Runtime Application Protection to ensure most minor exposure to cyber-attacks in actual time. It is also advisable to hire a third party to hack the app and nullify all the possible attacks. Many app developers Ireland use code optimisation as their preferred measure to improve app security. Stringer User Authentication Secured authorisation and user identification are essential for app security. To enforce stronger protection, it is always advisable to make it mandatory for users to use an MFA (Multi-Factor Authentication) or 2FA (Two-Factor Authentication). These security protocols undoubtedly offer an extra security layer. Enforcing quicker session timeout after every minute of inactivity is crucial to safeguard a mobile app from live threats. Faster timeout is already a good security measure, and that is why most mobile banking apps extensively follow this security best practice. Protecting the App Backend Another crucial security measure is to protect the app backend. To help backend security, it is essential to strengthening the server security. Extra protection can be implemented by testing all the APIs responsible for accessing the servers. Apart from that, some procedures such as data encryption, penetration testing, and data containerisation can also be beneficial. Ensure optimum API security APIs are responsible for bringing third-party services to a mobile app, and that's why they have higher exposure to security risks. Make use of the 256-bit SSL encryption To help APIs securely transit data. This will at least give full security to the data in transit. Security by design Another important step is to design a model for the threat perception in the very beginning. This will help you to think like a hacker and evaluate the threats from the perspectives of the hackers.  Lastly, whether you are creating safeguards for your online store app or any other regular app, always consider all the consequences that are likely to happen if a security breach occurs. Mobile device management Since the mobile app ecosystem is too diverse and segregated across hundreds of different devices, several dozen OS platforms and their versions, device management is vital. To control unwanted access to the app, it is essential to embrace the 256-bit Advanced Encryption Standard and ensure optimum data safety, whether in files, forms, and other data sources. Maintaining a robust encryption key management strategy is also very important from the security perspective. In Apple iOS, you have several different mobile device management (MDM) or enterprise mobile management (EMM) solutions like MobileIron, MaaS360, Good Technology, etc. Another less expensive security option is to use the Microsoft Exchange ActiveSync protocol. Android smartphones, in contrast, represent bigger challenges. Thanks to their low price point, they are more accessible and hence attract security breaches more frequently than others. As a tool, you can use Android for Work (A4W), an enterprise-grade solution for encrypting device data and segregating personal and professional apps. App Wrapping App wrapping is another highly credible security enforcement measure for mobile applications. This type of security measure is popular because they are the least likely to change its app functionalities and look. Thanks to this wrapper, there will be stricter rules about accessibility and the people who can download the app, the APIs to be allowed, etc. Highly Protected Payment Transactions Most mobile apps facilitating transactions are vulnerable to threats corresponding to mobile payment. So, safeguarding payment transactions from online threats is extremely important from the security perspective. Online security against vulnerable transactions can be made stronger and robust by using multiple-factor authentication, data encryption, session management, cookie management, etc. Make use of App Transport Security (ATS) ATS or App Transport Security is a robust and handy privacy feature that Apple has brought from the iOS 9 update. ATS enhances the data integrity and boosts privacy for all types and app extensions of all kinds. On top of all these, ATS can also prevent connections lacking the least minimum security needs. ATS comes with a powerful TLS configuration addressing the criteria such as allowing connections with servers by using TLS 1.2 protocol and strong cyphers and allowing server connections using PFS (Perfect Forward Secrecy) protocol. Conclusion In this respect, it is important to remember that preventing significant cyber threats from attacking your smartphone apps is more appropriate a strategy than combating them. For saving mobile apps from the menace of disastrous cybersecurity attacks, it is extremely important to identify potential security risks. It would help if you always went to the root of the problem instead of addressing security risks in a superficial manner. Only when you detect the potential threats and vulnerabilities, preventing them or taking safeguards against them becomes more accessible. To ensure the strongest cybersecurity for your mobile app data, it is also essential to use a data backup tool.  |
| You are subscribed to email updates from "mobile phone security,encryption policy android,how good is android encryption" - Google News. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
Comments
Post a Comment