USB chargers and devices are universally accessible and easy to use, but they to come with multiple sources of host potential security risks surrounding a particular phone, namely the spread of malware from infected devices or as you may know as what we call viruses transferred from one device to anther and who can forget the potential risk of data leakage should a device fall into the wrong hands which prove deadly for you in terms of someone’s privacy and now the USB Implementers Forum also known as the USB-IF–who are currently the frontrunners in terms of the advancement of USB tech have launched its USB Type-C Authentication Program, which will help resolve these multiple issues.
The program defines the optimal cryptographic-based authentication for USB-C devices and chargers. Any host system using this protocol will be able to confirm the authenticity of a device or charger, including descriptors and capabilities, right at the moment a connection is made. So lets say, for example that you’re concerned about charging your phone at a public terminal now although as innocent as the act may be, that still has a lot of potential risks in order to counter those risks, your phone will now implement a policy only allowing a charge from certified chargers. A company on the other hand, could set a policy for its PCs, giving them access only to verified USB storage devices.
USB Type C to improve its security in the near future
At this stage, the program is simply a recommendation and there is still no confirmation on the implementation required, but its creation certainly points to future security requirements for USB-C which if once implemented can provide some suitable safeguards for many users, which according to the USB-IF president Jeff Ravencraft is that this port of transmission and charging is “the single cable of the future.” Indeed, as more product manufacturers adopt to the USB-C portand nefarious individuals will be looking for ways to exploit their vulnerabilities, so the guidance marks an important contribution in enabling a secure system of compliant, interoperable products