USB Implementers Forum (USB-IF) announced on 02, January 2019, the launch of its USB Type-C Authentication Program, which aims to provide host systems the opportunity to protect against non-compliant USB chargers and mitigate risks from maliciously embedded hardware or software in USB devices.
USB-IF's Authentication program with the support of cryptographic mechanisms will confirm the authenticity of various types of USB devices, cables, storage drives, power sources, and chargers.
USB-IF is working alongside DigiCert, who manages the PKI and certificate authority services for the USB Type-C Authentication Program. Using certificates, companies can protect their products against both non-compliant chargers and malicious USB devices.
“USB-IF is excited to launch the USB Type-C Authentication Program, providing OEMs with the flexibility to implement a security framework that best fits their specific product requirements,” Jeff Ravencraft, USB-IF President and COO said, SecurityWeek reported.
The authentication process takes place immediately after a connection is made to ensure that no inappropriate power or data gets exchanged.
Features of the USB Type-C Authentication Program
“As the USB Type-C ecosystem continues to grow, companies can further provide the security that consumers have come to expect from certified USB devices,” Jeff Ravencraft, USB-IF President and COO concluded.