A mobile device can be compromised if unauthorized agents gain super-user access permissions to the powerful system files that control device operation and data access. This loss of control is possible if a device user roots their device to get full control over the device firmware, files, UI, and apps. Unfortunately, malware can exploit this vulnerability to steal passwords, hijack identities, access secret info, install apps, and modify firmware.
Enterprises with Bring Your Own Device programs are especially at risk, as employees may use rooted Android devices in the workplace. Risks range from the undetected exposure of confidential enterprise assets to wider, more insidious attacks on other enterprise resources and infrastructure. Enterprises must have a fail-safe way to detect whether a device is compromised before allowing device users to deploy it in the workplace.
Malware can potentially intercept and forge the results of a device health check, making a compromised device seem secure. The Knox platform leverages its hardware-backed trusted environment to reliably detect and report compromised devices.
Because a Device Root Key (DRK) is unique to each device, it can tie data to a device through cryptographic signatures. The Samsung Attestation Key (SAK) signs the attestation data to prove that it originated from the TrustZone Secure World on a Samsung Knox device.
Knox Attestation works in tandem with Trusted Boot and Periodic Kernel Measurements to ensure the integrity of devices during deployment, bootup, and operation.
Knox Attestation provides these key differentiators:
Unlike other solutions on the market, Knox Attestation enables IT admins to determine which attestation result correlates with which device, without having to painstakingly map IDs manually. With competitor solutions, results are returned for separate devices, but IT admins can't differentiate between devices, and consequently the results are not actionable. Knox Attestation returns a single device ID and enables IT admins to prevent or contain issues promptly.