3

Android 6 and onwards allow you to query if a key is stored using secure hardware (either a TEE or SE).

Based on the distribution dashboard I see that currently 71% of the devices are running Android 6 or newer. However, I would like to know how many of those devices do have a TEE or SE and hence, are capable of returning true when running isInsideSecureHardware on a key?

Niels Mouthaan
  • 1,010
  • 8
  • 19
  • 1
    Its unlikely you will get any definitive answer as Android had reached over 24k devices back in 2015: https://opensignal.com/reports/2015/08/android-fragmentation/ And while theoretically Google could provide this info, they haven't to my knowledge, and such data would exclude those devices without Google Play, such as those in China (and possibly other countries). This question is off-topic as you are asking for off-site resources. – Morrison Chang Dec 17 '18 at 08:00
  • I was already afraid no details on this would be (easily) available. Is it possible to estimate rough numbers, especially for devices with Google Play? E.g. can we assume the majority of devices capable of running Android 6 and up have a TEE/SE due to potential hardware requirements Google has set up? Would this "majority" be likely more 90% than it would be 60%? – Niels Mouthaan Dec 18 '18 at 08:54
  • E.g. Android specifications specify that devices offering a secure lock screen SHOULD offer a fingerprint sensor. If such a sensor is available the device MUST have a TEE/SE. Based on this a rough estimation of devices having a TEE/SE capable of running Android 6 and up can be calculated, as the availability of a fingerprint sensor for (the most popular) devices can be found easily. Wondering if someone did this calculation already. Source: https://source.android.com/compatibility/android-cdd.pdf. – Niels Mouthaan Dec 18 '18 at 08:56

0 Answers0