Samsung Knox is a business platform for configuring and managing mobile devices – offering efficient and customized use in various industries. Keep your mobile infrastructure connected, protected, and productive. Samsung claims that it is a defense-grade security that protects businesses and end users at both hardware and software level, and it’s built into Samsung devices.
Since introduced in 2013, Knox has secured over 2 billion Samsung devices and is used to manage over 150 million devices. Trusted around the world, Knox has helped over 35,000 businesses achieve their goals at a global scale and it’s said to have achieved more global government security and third-party analyst certifications than any other device, platform, or operating system.
Background of Mobile Security and Understanding Knox Vault
Knox Vault was developed to enhance the existing hacking defense mechanism (TrustZone) in Samsung devices. Traditionally, Samsung devices safeguard sensitive information like passwords, biometric data, and encryption keys within a space called TrustZone.
TrustZone oversees and audits software interactions with the Android system, controlling processes from the bootloader to the Android framework. This oversight is crucial for IT administrators to monitor apps running on devices.
While TrustZone might be complex, it essentially protects critical information using a designated area in the AP. For instance, if the OS is compromised by malicious code, TrustZone can detect it during runtime. It securely stores various passwords and certificates to manage them safely. It also checks for kernel or system software modifications to ensure smartphone security. However, TrustZone is susceptible to side-channel attacks because it runs other operating systems alongside Android on the same processor.
Knox Vault addresses this vulnerability by operating independently of the main processor, preventing side-channel attacks. Smartphone APs, lacking enhanced HW security functions, are prone to HW attacks. Knox Vault counters this by storing information on secure ICs that resist HW attacks, thus providing superior HW and SW hacking resistance compared to TrustZone.
The Secure IC used by Knox Vault resists HW attacks like electrical contact, laser attacks, light exposure, or power failure. As a separate space from the AP, it also prevents side-channel attacks, known as Knox Vault Storage, integrated into the A55 and A35 models.
However, unlike flagship models, the A series lacks its own processor (subsystem) in the AP, limiting powerful computational functions like biometrics or blockchain. The A series stores data such as password/PIN/pattern and SAKm, a key for Knox services, Samsung Pay, and Samsung Pass.
Storing passwords/PINs/patterns within the Secure IC ensures robust security against password hacking even if the smartphone is lost. The complexity of SAKm modulation allows safe use of sensitive services like Samsung Pay and Samsung Pass.
Scenarios where Knox is active
Scenario 1: Knox Vault and Find My Mobile
If a smartphone is lost or stolen, a hacker would need to unlock the password to access the data. Extracting a smartphone password is challenging, involving either inputting all possible passwords or employing a HW attack. Since passwords/PINs/patterns are stored in Knox Vault, hacking becomes impossible, aiding in protecting the phone if lost. By combining Knox Vault’s capabilities with Find My Mobile (FMM), users can remotely lock their smartphone and track its location, further enhancing personal information protection.
Scenario 2: Security Enhancement for Auto Block
Auto Block, though separate from Knox Vault, optimizes security by preventing unauthorized app installations, similar to iPhone’s restrictions on APK installations. It detects and halts suspicious activities during app installation. Additionally, it prevents malicious software installation when charging the smartphone or connecting to a PC. This is particularly useful in public charging spots or shared PCs, reducing malware risks. Emphasizing these advantages can create compelling content to highlight the device’s security features. Furthermore, A35/A55 models detect and block APK installation attempts from suspicious sources to safeguard consumers.
Scenario 3: Secure Folder
Samsung designed secure folders to store user data separately, catering to users sensitive to data security. The secure folder’s password/PIN/pattern is also stored in Knox Vault. Users can set different passwords for their secure folder and smartphone screen locks, creating a double-lock system protected by Knox Vault. This reduces the risk of unintentional exposure of sensitive information, even if the smartphone password is shared or accidentally revealed. Secure folders thus mitigate the risk of unauthorized access to personal data.
Find out more about KNOX at https://www.samsungknox.com/en
