Setting a brand new normal for cell safety


With Pixel 6 and Pixel 6 Professional, we’re launching our most safe Pixel cellphone but, with 5 years of safety updates and probably the most layers of {hardware} safety. These new Pixel smartphones take a layered safety method, with improvements spanning throughout the Google Tensor system on a chip (SoC) {hardware} to new Pixel-first options within the Android working system, making it the primary Pixel cellphone with Google safety from the silicon all the way in which to the information heart. A number of devoted safety groups have additionally labored to make sure that Pixel’s safety is provable by way of transparency and exterior validation.

Safe to the Core

Google has put person knowledge safety and transparency on the forefront of {hardware} safety with Google Tensor. Google Tensor’s primary processors are Arm-based and make the most of TrustZone™ know-how. TrustZone is a key a part of our safety structure for normal safe processing, however the safety enhancements included in Google Tensor transcend TrustZone.

Determine 1. Pixel Safe Environments

The Google Tensor safety core is a customized safety subsystem devoted to the preservation of person privateness. It is distinct from the applying processor, not solely logically, however bodily, and consists of a devoted CPU, ROM, one-time-programmable (OTP) reminiscence, crypto engine, inner SRAM, and guarded DRAM. For Pixel 6 and 6 Professional, the safety core’s main use circumstances embody defending person knowledge keys at runtime, hardening safe boot, and interfacing with Titan M2TM.

Your safe {hardware} is simply pretty much as good as your safe OS, and we’re utilizing Trusty, our open supply trusted execution atmosphere. Trusty OS is the safe OS used each in TrustZone and the Google Tensor safety core.

With Pixel 6 and Pixel 6 Professional your safety is enhanced by the brand new Titan M2TM, our discrete safety chip, totally designed and developed by Google. On this subsequent technology chip, we moved to an in-house designed RISC-V processor, with further pace and reminiscence, and made it much more resilient to superior assaults. Titan M2TM has been examined towards probably the most rigorous normal for vulnerability evaluation, AVA_VAN.5, by an unbiased, accredited analysis lab. Titan M2™ helps Android Strongbox, which securely generates and shops keys used to guard your PINs and password, and works hand-in-hand with Google Tensor safety core to guard person knowledge keys whereas in use within the SoC.

Shifting a step increased within the system, Pixel 6 and Pixel 6 Professional ship with Android 12 and a slew of Pixel-first and Pixel-exclusive options.

Enhanced Controls

We purpose to offer customers higher methods to manage their knowledge and handle their units with each launch of Android. Beginning with Android 12 on Pixel, you should use the brand new Safety hub to handle all of your safety settings in a single place. It helps defend your cellphone, apps, Google Account, and passwords by providing you with a central view of your machine’s present configuration. Safety hub additionally supplies suggestions to enhance your safety, serving to you resolve what settings finest meet your wants.

For privateness, we’re launching Privateness Dashboard, which will provide you with a easy and clear timeline view of the apps which have accessed your location, microphone and digital camera within the final 24 hours. In the event you discover apps which might be accessing extra knowledge than you anticipated, the dashboard supplies a path to controls to alter these permissions on the fly.

To supply further transparency, new indicators in Pixel’s standing bar will present you when your digital camera and mic are being accessed by apps. If you wish to disable that entry, new privateness toggles provide the capability to show off digital camera or microphone entry throughout apps in your cellphone with a single faucet, at any time.

The Pixel 6 and Pixel 6 Professional additionally embody a toggle that allows you to take away your machine’s capability to hook up with less-secure 2G networks. Whereas mandatory in sure conditions, accessing 2G networks can open up further assault vectors; this toggle helps customers mitigate these dangers when 2G connectivity isn’t wanted.

Constructed-in safety

By making all of our merchandise safe by default, Google retains extra folks secure on-line than anybody else on the planet. With the Pixel 6 and Pixel 6 Professional, we’re additionally ratcheting up the dial on default, built-in protections.

Our new optical under-display fingerprint sensor ensures that your biometric data is safe and by no means leaves your machine. As a part of our ongoing safety growth lifecycle, Pixel 6 and 6 Professional’s fingerprint unlock has been externally validated by safety consultants as a powerful and safe biometric unlock mechanism assembly the Class 3 energy necessities outlined within the Android 12 Compatibility Definition Doc (CDD).

Phishing continues to be an enormous assault vector, affecting everybody throughout totally different units.

The Pixel 6 and Pixel 6 Professional introduce new anti-phishing protections. Constructed-in protections robotically scan for potential threats from cellphone calls, textual content messages, emails, and hyperlinks despatched by way of apps, notifying you if there’s a possible drawback.

Customers are additionally now higher protected towards dangerous apps by enhancements to our on-device detection capabilities inside Google Play Shield. Since its launch in 2017, Google Play Shield has supplied the power to detect malicious functions even when the machine is offline. The Pixel 6 and Pixel 6 Professional makes use of new machine studying fashions that enhance the detection of malware in Google Play Shield. The detection runs in your Pixel, and makes use of a privateness preserving know-how known as federated analytics to find commonly-run dangerous apps. This may assist to additional defend over 3 billion customers by bettering Google Play Shield, which already analyzes over 100 billion apps on daily basis to detect threats.

Lots of Pixel’s privacy-preserving options run inside Non-public Compute Core, an open supply sandbox remoted from the remainder of the working system and apps. Our open supply Non-public Compute Companies manages community communication for these options, and makes use of federated studying, federated analytics, and personal data retrieval to enhance options whereas preserving privateness. Some options already working on Non-public Compute Core embody Dwell Caption, Now Taking part in, and Sensible Reply strategies.

Google Binary Transparency (GBT) is the latest addition to our open and verifiable safety infrastructure, offering a brand new layer of software program integrity in your machine. Constructing on the rules pioneered by Certificates Transparency, GBT helps guarantee your Pixel is simply working verified OS software program. It really works through the use of append-only logs to retailer signed hashes of the system photos. The logs are public and can be utilized to confirm that what’s printed is identical as what’s on the machine – giving customers and researchers the power to independently confirm OS integrity for the primary time.

Past the Cellphone

Protection-in-depth isn’t only a matter of {hardware} and software program layers. Safety is a rigorous course of. Pixel 6 and Pixel 6 Professional profit from in-depth design and structure opinions, memory-safe rewrites to safety important code, static evaluation, formal verification of supply code, fuzzing of important elements, and red-teaming, together with with exterior safety labs to pen-test our units. Pixel can also be a part of the Android Vulnerability Rewards Program, which paid out $1.75 million final yr, making a precious suggestions loop between us and the safety analysis neighborhood and, most significantly, serving to us maintain our customers secure.

Capping off this mixed {hardware} and software program safety system, is the Titan Backup Structure, which supplies your Pixel a safe foot within the cloud. Launched in 2018, the mix of Android’s Backup Service and Google Cloud’s Titan Expertise implies that backed-up software knowledge can solely be decrypted by a randomly generated key that is not recognized to anybody moreover the shopper, together with Google. This end-to-end service was independently audited by a 3rd celebration safety lab to make sure nobody can entry a person’s backed-up software knowledge with out particularly figuring out their passcode.

To prime all of it off, this end-to-end safety from the {hardware} throughout the software program to the information heart comes with no fewer than 5 years of assured Android safety updates on Pixel 6 and Pixel 6 Professional units from the date they launch within the US. This is a vital dedication for the trade, and we hope that different smartphone producers broaden this development.

Collectively, our safe chipset, software program and processes make Pixel 6 and Pixel 6 Professional probably the most safe Pixel cellphone but.