CONFERENCE Cyber AI & Automation Summit - NOW LIVE
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

New Protocol Authenticates USB Type-C Chargers, Devices

New USB Type-C Authentication specification launched

New USB Type-C Authentication specification launched

The USB Implementers Forum (USB-IF) on Wednesday announced the launch of the USB Type-C Authentication Program, which aims to protect host systems against non-compliant chargers and potentially malicious devices.

The USB Type-C Authentication specification, unveiled by the USB-IF and the USB 3.0 Promoter Group in 2016, provides the cryptographic mechanisms needed for authenticating various types of USB Type-C devices, including chargers, cables, storage drives and power sources.

This optional security protocol allows OEMs to confirm the authenticity of USB chargers, cables and devices. Using certificates, companies can protect their products against both non-compliant chargers that can deliver damaging power surges and USB devices that may carry a malicious payload.

The authentication process takes place immediately after a wired connection is made, before any power or data exchange.

The use case examples described by the USB-IF and USB 3.0 Promoter Group when they unveiled the new specification included travelers concerned about charging their phones at a public terminal and enterprises protecting corporate assets by ensuring that only verified USB storage devices can be connected to their PCs.

The USB Type-C Authentication protocol provides support for authenticating over either the USB Power Delivery or USB data bus channels, it offers 128-bit security, and gives products control over security policies.

DigiCert has been selected to operate registration and certificate authority services for the new specification. The company will work with the over 1,000 member companies of the USB-IF.

“USB-IF is excited to launch the USB Type-C Authentication Program, providing OEMs with the flexibility to implement a security framework that best fits their specific product requirements,” said USB-IF President and COO Jeff Ravencraft. “As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices.”

Advertisement. Scroll to continue reading.

Related: Malware Found on USB Drives Shipped With Schneider Solar Products

Related: USB Drives Deliver Dangerous Malware to Industrial Facilities

Related: Symantec Unveils USB Scanning Station for ICS, IoT Environments

Related: Apple Rolls-Out USB Restricted Mode in iOS

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Video platform Vimeo has appointed Ryan Weeks as Chief Information Security Officer.

LPL Financial has welcomed Renana Friedlich as Chief Information Security Officer.

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.