The USB Type-C Authentication Program will help protect against non-compliant USB chargers
USB Type-C is the standard in most Android smartphones these days. We’re also seeing USB-C in more tablets, Chromebooks, and other devices. In the early days of USB-C (and still some today), there were a lot of issues with bad chargers and cables. The USB-IF standards body has announced a program to help protect against bad accessories.
The USB-IF is the non-profit organization behind the USB standard’s marketing and specifications. Back in 2016, they announced the USB Type-C Authentication Program, but today they are officially launching it. Their new authentication program “defines cryptographic-based authentication for USB Type-C chargers and devices.” Some will see this as a form of hardware DRM, and that’s basically what it is. Vendors can use this to not only to enforce safety standards but also include support for only “approved” devices. That means they could prevent you from using devices for more than just safety reasons.
The authentication occurs “right at the moment a connection is made,” so there is no power or data transfer before. If a device is capable of causing harm, it will be detected before the harm can happen. The intention of the program seems good, but there is certainly room for abuse. USB-C has been a promise of one standard connector for all devices. We’d hate to see that ruined by devices that won’t allow users to use perfectly safe 3rd-party accessories.
Here are the key features of the USB Type-C Authentication program:
- A standard protocol for authenticating certified USB Type-C chargers, devices, cables, and power sources
- Support for authenticating over either USB data bus or USB Power Delivery communications channels
- Products that use the authentication protocol retain control over the security policies to be implemented and enforced
- Relies on 128-bit security for all cryptographic methods
- Specification references existing internationally accepted cryptographic methods for certificate format, digital signing, hash and random number generation
Source: Business Wire