000037684 - Do the RSA SecurID token apps for Android and iOS utilize a Trusted Execution Environment?

Document created by RSA Customer Support Employee on Jun 27, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037684
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Software Token
Platform: iOS, Android
IssueI want to know if the RSA SecurID Token app for Android and iOS utilize a Trusted Execution Environment (TEE) in any way.
ResolutionThe RSA SecurID Token app for Android utilizes the Android hardware-backed keystore to protect its key material.  This keystore uses a Trusted Execution Environment (TEE) or Secure Element (SE) depending on the device model.  Keys in the TEE or SE cannot be exposed or exported.

The RSA SecurID Token app for iOS utilizes the keychain services to protect its key material.  The keychain is in turn protected using a hardware-backed key in the iPhone/iPad secure enclave.
NotesFor more information, you may refer to the official iOS Security and Android Security documentation.

Attachments

    Outcomes