Network World suggests there should be a TPM in iPhones

Posted by Ken Y-N on January 30th, 2011 at 03:00pm

I came across an interesting article in Network World discussing issues surrounding the rumoured iPhone with NFC (RFID)  payment chip. Jeff Nigriny, the CEO of identity management and security firm CertiPath, says that:

[I]t would make the most sense for device manufacturers and software designers to separate the iPhone’s payment function from other apps using a Trusted Platform Module (TPM) that can be used to securely store information using cryptographic keys.

The first half of the sentence is good, but the bit about the TPM doesn’t really make sense to me. Of course, rather than a TPM a Mobile Trusted Module (MTM) would be more appropriate, but neither is a magic bullet that will securely store information. They can securely protect encryption keys and use these keys to encrypt and decrypt data securely, but they do do not provide general purpose secure storage. Instead, GlobalPlatform (there are other initiatives, of course) is specifying a complete trusted execution environment that will allow payment functions to be separated off as Mr Nigriny desires:

Using a trusted computing platform type of chip makes the most sense since you know that your other apps won’t bleed over into the trusted payment method.

It’s good that people independent of the Trusted Computing Group are bringing up these sorts of issues, but there still needs to be a lot of education.

Tags: globalplatform, iphone, network world

Under MTM+ TPM Tags: globalplatform, iphone, network world