HIGHLIGHTS
- USB Type-C connections will get safer thanks to this new program
- Device manufacturers can impose limits on eligible devices
- Initially the program is optional for device manufacturers
When USB Type-C (aka USB-C) arrived a few years ago, it looked promising. A single cable for your laptop, tablets, smartphones, and other gadgets. The reversible connector was probably its biggest highlight, apart from faster data transfer rates, support for quicker charging, and media delivery. But it hasn’t been a smooth ride until now. USB-IF, a non-profit organization that looks after USB standards, has now formally launched a new ‘USB Type-C Authentication Program’. The program is aimed at protecting users’ devices from all sorts of security hazards.
The USB Type-C Authentication Program lays the foundation for a new protocol by setting up guidelines that manufacturers can follow. The suggests usage of a cryptographic-based authentication to ensure a secure connection between USB Type-C devices and chargers, amongst other accessories.
As of now, hooking up your device with an unknown USB Type-C charger could be a major potential threat in terms of data security. Third-party chargers can also fry your devices by pushing extra power.
Based on the protocol, devices or chargers should be able to instantly authenticate the connection the moment a user plugs in a device. This means device manufacturers can also limit the number of devices that can be compatible with your mobile phone or a laptop.
USB-IF has chosen to work with DigiCert which will be the certificate authority service for the program. It’ll make use of 128-bit cryptographic-based authentication. DigiCert claims this will protect users’ devices from maliciously embedded hardware or software trying to exploit a USB connection.
The program will include a set protocol for authentication meant for USB Type-C chargers, cables, devices, and other accessories. It will also include support for USB power delivery communication channels with 128-bit encryption for all authentication methods.
Initially, the program is optional for device manufacturers but with more companies adopting USB Type-C, it only makes sense for them to follow the programme.