Smartphones have replaced everything from digital cameras to dedicated music players. While we’re still waiting for devices to completely replace the wallet, Google has announced the formation of the Android Ready SE Alliance, a new initiative that aims to drive the adoption of digital keys and driver’s licenses.

Android 11 introduced the Identity Credential API, which makes it possible to use your phone to securely store your mobile driver's license or other credentials. While the Android APIs and support libraries are there, Google is now working on standardizing how these credentials are stored and accessed on secure, tamper-resistant hardware, which, by the way, Google says is present in "most modern phones".

According to Google, the Android Ready SE Alliance was formed to "create a set of open-source, validated, and ready-to-use SE [Secure Element] Applets." Google is first prioritizing making Applets aimed at enabling the use of identity credentials (such as mobile driver's licenses) and digital car keys.

Google Android Ready SE

Image: Google

Google previously developed its own tamper-resistant hardware enclave called the Titan M, which also enabled tamper-resistant key storage for Android apps using StrongBox. Now, Google is launching the General Availability (GA) version of StrongBox for SE, an applet that’s qualified and ready for use by OEM partners. It's available from vendors including Giesecke+Devrient, Kigen, NXP, STMicroelectronics, and Thales. OEMs that are part of the Android Ready SE Alliance must meet the following requirements:

  1. Pick the appropriate, validated hardware part from their SE vendor
  2. Enable SE to be initialized from the bootloader and provision the root-of-trust (RoT) parameters through the SPI interface or cryptographic binding
  3. Work with Google to provision Attestation Keys/Certificates in the SE factory
  4. Use the GA version of the StrongBox for the SE applet, adapted to your SE
  5. Integrate HAL code
  6. Enable an SE upgrade mechanism
  7. Run CTS/VTS tests for StrongBox to verify that the integration is done correctly

Companies like Apple, Samsung, and a handful of automakers are already working on their own digital car key technologies. In fact, shortly after the Galaxy S21 series was announced, it was revealed that Samsung’s devices would be able to find and unlock cars from Audi, BMW, Ford, and Genesis. But Google's efforts are aimed more towards devices that run Android in general, which could broaden the number of devices that can interact with our cars or hold our IDs.

Google said the alliance isn’t just aimed at phones and tablets, though. It also targets platforms like Wear OS, Android Auto Embedded, and Android TV. According to Google, several Android OEMs are already adopting Android Ready SE for future devices, but the search giant didn't reveal any company by name. For more information, visit the dedicated page for the initiative under the Android Security and Privacy section of developers.google.com.