ARM and Giesecke & Devrient (G&D) announced plans to develop a mobile electronic payment system combining ARM’s TrustZone technology and G&D’s Mobicore operating system.
“We will be working with ARM to develop the security architecture for the next generation of mobile phones. This will enable people to access highly valuable services with convenience and security,” explains Kai Grassie, head of the New Business division at G&D.
Security is the top priority in developing the new mobile payment system. Online services will require security-sensitive functions such as entry of user name and password or data output on a display. These functions are transferred to the Mobicore operating system running in the TrustZone protected area of an ARM application processor. As the security-sensitive functions are executed, Mobicore maintains control of the secure area of a system-on-chip, ensuring that the personal data cannot be manipulated by malware on the phone during a payment transaction.
ARM is also creating a range of training and architectural service packages based around a TrustZone/MobiCore reference system aimed at helping reduce time-to-market for secure embedded system development. ARM will release its first secure system training course based around hardware system integration and the TrustZone API next month, followed by the ARM Active Assist on-site design review service package, a secure systems development training package based on Mobicore, the release of the TrustZone Address Space Controller to secure multiple regions in off-chip memory and the TrustZone reference system later in the year.