Google explains how the Titan M helps secure the Pixel 3

Google explains how the Titan M helps secure the Pixel 3

We may earn a commission for purchases made using our links.

In Part 1 of our Pixel 3 & Pixel 3 XL review, we mentioned that they may be the most secure consumer Android smartphones on the market. Pixel devices are typically more secure than other Android phones because they get more reliable updates. Those monthly security patches are more important than you might think. The Pixel 3 takes security to the next level with something called “Titan Security.”

Google posted on their blog about how Titan Security makes the Pixel 3 so secure. First, let’s go back to the Pixel 2. Google included a dedicated tamper-resistant hardware security module to strengthen disk encryption and protect the lock screen. The next step in securing the hardware is the “Titan M.” This technology is derived from the Titan chip used in the Google Cloud data centers.

Titan M does a few different things for the Pixel 3. First, it’s integrated into the Verified Boot process. It checks to make sure your phone is running the right version of Android. It prevents malicious attacks from moving your device to an outdated version or attempting to unlock the bootloader.

On the lock screen, you have fewer log in attempts. Only after a successful verification will Titan M allow for decryption. Titan M is also used to secure transactions in 3rd-party apps. Android Pie allows apps to generate and store private keys in Titan M. The Pixel 3 is also the first device to ship with Protected Confirmation, which is an API for securing user interaction transactions. This API comes into play for things like e-voting and peer-to-peer money transfers.

Lastly, Google says Titan M has insider attack resistance. This means the firmware on Titan M cannot be updated unless you have successfully entered your passcode. Malicious attackers can’t bypass the lock screen to tamper with the security firmware. All of these Titan M features make the Pixel 3 a very secure Android phone. This is what Google needs to do to make sure their devices set the standard for the Android ecosystem.

Source: Android Developer Blog