It's nothing new that USB devices can be a risk to use, but what people may not realise is that USB cables and charges can also pose a risk. For example, inappropriate power can hurt a device's battery and, in some cases, smartphones won't accept a system upgrade unless connected to a computer via a compliant USB-C cable.
USB Implementers Forum, or USB-IF, is a not-for-profit organisation that aims to eliminate this problem by standardising all relevant USB-C devices through the Authentication Program.
The USB-IF Authentication Program's goal is to confirm the authenticity of a USB device, cable or charger. This will happen the very moment a device is plugged in, so no data or power should be transferred.
DigiCert will be managing the PKI and certificate authority services for the program.
"As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices," USB-IF president and COO Jeff Ravencraft said.
According to ZDNet (opens in new tab), the USB Type-C Authentication solution will include the following:
- A standard protocol of authentication for USB Type-C chargers, devices, cables, and power sources;
- Support for authenticating over either USB data bus or USB power delivery communications channels;
- Products that use the authentication protocol and retain control over the security policies implemented and enforced;
- 128-bit security for all cryptographic methods; and specification references for existing internationally-accepted cryptographic methods in relation to certificate format, digital signing, hash, and random number generation.
Image Credit: Denvit / Pixabay