For the Pixel 3, Google is betting on a chip to bring Android security

The chip is a variation of what Google uses to protect its data centers.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
2 min read

Rick Osterloh, Google's senior vice president of hardware, talks about the Titan M security chip at the Pixel 3 event last week.

Sarah Tew/CNET

Google is calling the Pixel 3 its most secure phone yet. On Android, there's not much competition.

During Google's Pixel 3 event in New York last Tuesday, the company mentioned that its latest phones would be the first devices to have its Titan M security chip. If the name sounds familiar, it's because Google first announced the Titan chip for its cloud servers in 2017; it's meant to keep services like Gmail and Google Drive safe from cyberattacks.

In July, Google also announced the Titan Security Key, which doesn't actually use the Titan chip.

The Pixel 3 would be the first time Google's own security chip is in the hands of everyday people, as the previous Titan chip was used only internally, on Google's data centers. In a blog post Wednesday, Google detailed how the Titan M works and why it makes the Pixel 3 the most secure Android phone you can get.

Android, the most popular mobile operating system in the world, also wrestles with a bad reputation for security, after years of flaws and vulnerabilities.

Its open platform, which provided freedom for users to install any app they wanted and for manufacturers to preinstall apps, also led to security headaches. It also doesn't help that though Google pushes out security updates to fix new vulnerabilities, not everyone is on the latest version of Android and so doesn't receive them.

By comparison, Apple's iOS, with its restricted App Store and sandboxed environment, has dealt with far fewer security issues. For years, Apple has relied on a hardware-based security measure called the Secure Enclave, a key manager that's isolated from the main processor and stores encrypted keys.

The Titan M chip is its own dedicated chip and not a part of the Qualcomm Snapdragon 845 processor, which already has its own security features.

The chip introduces Verified Boot to Android phones, a feature that's been on Chromebooks for years and is designed to keep devices secure on start-up. It's meant to ensure that your phone and the apps you're using haven't been tampered with by hackers.

In the past, hackers were able to use Android vulnerabilities to downgrade a phone to a less secure version, opening it up to more-severe attacks. The Titan M chip is engineered to prevent this and make sure no updates can come unless the owner enters a password on the device.

The chip also looks to protect the Pixel 3's lockscreen passcode by encrypting and storing the security keys on the hardware.

In addition, it creates and stores private keys for third-party apps and payments. Google says these security checks means one day you'll be able to safely vote online, mentioning e-voting as one of the new possibilities in its blog post. 

Security:  Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night.

Apple: See what's up with the tech giant as it releases new iPhones and more.