One of the world’s leading brand in the electronics sector, Samsung has stated in a paper that when it comes to performing transactions in the cryptocurrency world, smartphones are the safest.
The major reason behind the security provided by smartphones is TEE, short for Trusted Execution Environment, as reported by Joel Snyder, a senior IT consultant and publisher at Samsung Insights.
According to Joel, when it comes to the aspect of spending money on a short or medium term basis, we intend to keep that much amount of money in our wallet that we plan to spend, just like in real life. Similarly in the cryptocurrency world, smartphones’ Trusted Execution Environment (TEE) provides just the right kind of environment to store valuable cryptocurrency to be used more frequently or to store information regarding the private keys of bigger cryptocurrency wallets or vaults such as hard disks or SSDs.
Joel clarified that TEE runs separately from the operating system (OS) of the android and it has its own memory and persistent storage. During normal execution, the OS cannot easily get access to TEE, keeping it secure from the outside world. The connection is made only through an API, linking both the OS and TEE, using specific system calls by specific trusted programs. If a certain program is not enlisted as trusted, its access is limited, and hence, the wallet stays safe. Joel stated in the paper that:
It comes down to the Trusted Execution Environment (TEE) in the smartphone. The TEE is a separate execution environment with its own memory and persistent storage, completely isolated from the rest of the device. The Android OS can’t reach into the TEE, even if the former is completely compromised. The only way to get to and from the TEE is with an API that calls small applications running in the TEE “trustlets.” With a properly written wallet that uses trustlets to manage the keys, security is seriously tight.
Regarding the attempts of malicious softwares attempting to enter the TEE of smartphone, he stated that:
If a wallet stores the private keys on a normal persistent store (such as a hard disk or SSD), whether on a standard Windows PC or in a smartphone, a bit of malware can easily get access to them. If those private keys are in the TEE and only accessible via a trustlet, there’s no possible way the malware can extract the keys directly.
The benefits of using smartphone as wallet for cryptocurrencies are clearly visible from the application of TEE. The simple storage in laptops do not have such intricate mechanisms for protection to prevent the cryptocurrency wallets from outside attacks, increasing the chances of keys getting stolen. It was also mentioned that:
There is a significant caveat: a naïve wallet developer might choose to simply store the keys on the normal internal storage of the phone, in which case there’s little additional protection from using the smartphone platform. Or the wallet itself might be malware, in which case all bets are off. But with the right wallet leveraging the benefits of smartphone TEE, there’s no place safer to store your money.
Further benefits for choosing smartphones as wallets for cryptocurrencies were also elaborated in detail, including convenience. In the modern day, smartphones have engulfed our life in a way that it has become too hard to live without. While using cryptocurrencies frequently, the idea of carrying a big hard drive or a USB might not seem like the most viable option to go for. Although they might be good for long-term storage, smartphones prove themselves to be the best in the short-term case in term of convenience and security. It was stated in the paper that:
Smartphones also edge out, from a convenience point of view, so-called hardware wallets — offline devices that look like USB drives or other disconnected protected storage. Although hardware wallets are the best choice for long-term cold (offline) storage of cryptocurrency, they lack the convenience of a local smartphone application, making them poorly adapted for frequent use.
In today’s world of ever expanding cryptocurrencies, paying close attention to the security aspect of this sector is of utmost importance. The idea of stealing private keys safeguarding the wallets, and keeping the currencies safe is not a new one. Such kind of security threats have always been around since the dawn of this technology.
Cryptocurrency users may not pay much attention to the mechanics of how their coins are stored, but that can be a dangerous attitude to have. Picking a dependable cryptocurrency wallet is an important part of using cryptocurrencies safely. Smartphones with enhanced Trusted Execution Environments provide the ideal platform for secure storage. Joel Snyder
So, in a nutshell, in order to keep our crypto wallets safe and sound, smartphones’ Trusted Execution Technology might be the best solution to the problem of cryptocurrency theft.