The reversible USB Type-C port that’s been gradually making its way into smartphones and other gadgets has certainly very convenient, but it has its share of problems. You probably remember the charging cable saga, which discovered that many third party USB Type-C charging adapters and cables failed to adhere to the official specifications, meaning that they could end up actually damaging or destroying expensive new gadgets. To address this issue and others, the USB Implementers Forum (USB-IF) has announced its new USB Type-C Authentication specification.
The USB Type-C Authentication specification was unveiled at the Intel Developer Forum in Shenzhen, China yesterday, and features tweaks that should better protect devices against non-compliant chargers and malware infected devices. Connecting a power cable, adapter or other accessory into a host devices that supports the new specification will now initiate a 128-bit bit encrypted handshake to see whether the accessory meets the same specification.
Devices could be setup to disallowing charging from chargers that don’t sign off on the handshake, as a way to protect themselves from damage. The other upside is that this authentication system will help to secure devices against malicious attacks over USB. The encrypted transfer can also be used to exchange security certificates, so a lock could be enforced to only allow data exchanges between certified devices.
USB Type-C Authentication empowers host systems to protect against non-compliant USB Chargers and to mitigate risks from maliciously embedded hardware or software in USB devices attempting to exploit a USB connection. For a traveler concerned about charging their phone at a public terminal, their phone can implement a policy only allowing charge from certified USB chargers.
This will have issues for backwards compatibility though, as old cables and chargers haven’t been built with this security system in mind and will therefore need to be replaced. However, host devices such as smartphones could be updated to work with the USB Type-C Authentication specification through a firmware update. Of course, this will depend entirely on the manufacturer, so universal support is by no means guaranteed. Furthermore, a user configurable toggle in software would probably also be wise so that customers can opt in or out if they want to keep their old chargers.
The new USB Type-C Authentication specification will certainly be welcome news for those of us who have become concerned about the quality of third party cables and accessories. Now we just have to see if hardware manufacturers quickly adopt this new standard or not.