AuthenTec, which Apple said in July it would acquire for $356 million, has introduced a government-grade data encryption platform for Android smartphones and tablets.
MatrixDAR uses the core cryptographic functions of AuthenTec's SafeZone mobile security platform to encrypt all data on an Android device to meet Federal Information Processing Standards (FIPS) 140 certification. Along with full-disk encryption on the device, MatrixDAR also scrambles data on removable storage media, such as a flash drives or SD cards.
[ Prevent corporate data leaks with Roger Grimes' "Data Loss Prevention Deep Dive" PDF expert guide, only from InfoWorld. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
FIPS 140 certification means the cryptographic module within a device meets standards for encrypting sensitive, but unclassified, information. The certification is required by federal agencies and regulated industries, such as healthcare and financial services.
AuthenTec plans to sell MatrixDAR to device manufacturers, which would install the platform on their respective Android devices. "When it is present, the handset maker will typically provide a menu option that users can select to encrypt stored data," Simon Blake-Wilson, vice president of AuthenTec's Embedded Security Solutions, said on Tuesday in an email.
[In depth: What's the most secure smartphone?]
The device manufacturer also has the option of configuring MatrixDAR, so it can be controlled through remote mobile device management software. The platform can be plugged into AuthenTec's virtual private network client, called QuickSec, which supports only Internet Protocol security (IPsec) connections.
MatrixDAR is aimed at preventing sensitive data from being accessed on lost on stolen devices. In addition, the technology can be used to remotely wipe all data from a device.
"The announcement is an interesting step in improving the overall data security capabilities of Android devices," Charles Kolodgy, analyst for IDC, said. Demand for data-securing technology will likely increase as enterprises deploy more tablets.
AuthenTec is not alone in selling such technology. Competitors include Mocana, which sells a product called NanoCrypto that is also installed by device manufacturers. "This is a larger suite that can be embedded in many devices, including Android," Kolodgy said of NanoCrypto. "The programming is a little more complicated, I believe, but for the device manufacturer shouldn't be too much of a burden."
AuthenTec is expected to become a wholly owned subsidiary of Apple, once the acquisition is completed. While no announcements have been made, analysts believe Apple is most interested in AuthenTec's fingerprint recognition technology for unlocking mobile devices. In addition, Apple is interested in AuthenTec's security chips that help prevent hackers from jailbreaking smartphones.
If Apple combines anti-jailbreaking technology, FIPS 140 data encryption, and fingerprint authentication in a mobile product, then it will have "a real, government-ready device," Kolodgy said.
MatrixDAR does not provide protection against malware, a growing problem on Android devices. In the most recent outbreak, TrustGo Security Labs discovered sophisticated malware that has reportedly infected a half million Android devices in China. The malware, called Trojan!SMSZombie.A, exploits a flaw in China Mobile's SMS payment process to make unauthorized payments and steal bank card numbers.
Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.
This story, "AuthenTec brings government-grade encryption to Android" was originally published by CSO.