Is your future safe with 5G?Jesse SeedSenior Director, Security Product ManagementQualcomm Technologies, Inc. (QTI)

October 24, 2019 MWC LA

2

5G standard brings enhanced security and privacyBuilding on the proven, solid security foundation of 4G LTE

1. International Mobile Subscriber Identity

Tighter securityTo expand protection and

increase flexibility

Added user plane integrity protection; lower trust in serving networks; subscription credentials can be stored in secure hardware element

Enhanced privacyTo eliminate communication of

unprotected device-specific information

User permanent identity (e.g., IMSI1) and device-specific information are ciphered before being exchanged over the air

Flexible framework To support new devices, use

cases, and deployments

Unified authentication for 3GPP & non-3GPP access (e.g., Wi-Fi), security anchor function, and network slicing

5G security core network

3GPP device

Non-3GPP device

3

5G enables massive IoT deploymentsWhere virtually everyone and everything is intelligently connected

4

5G enables massive IoT

1: Symantec ISTR 24, Feb 20192: Kapersky Lab IOT Report, Sep 20183: Symantec ISTR 24, Feb 2019

3X increase in malware

attacks on IOT devices in first

half 2018 2

Are our endpoints secure?

Top 3 Mirai DDoS attack

in 2018! 3

5200avg attacks a

month on connected devices 1

5

User Authentication,

Permissions and Roles

Man-in-the-Middle

Password Compromise, Man-in-the-Middle

User Authentication,

Permissions and Roles

Device Security Needs

Code Modification, Key Compromise, Password Compromise

Code Modification

Common device security needs and the attacks they protect against

Key Compromise,Man-in-the-Middle

Software IntegritySoftware Integrity

Data-at-Rest and Data-in-Transit

Protection

Device-Cloud Authentication &

Attestation

Device-Cloud Authentication &

AttestationFirmware

Upgrade and Lifecycle

Management

Firmware Upgrade and

Lifecycle Management

ROOT-OF-TRUST

66

Why Root-of-Trust mattersSecurely connect and manage devices at scale from chipset Root-of-Trust

Chipset factory

IoT devices

7

Industry Regulation, Standards, and Certifications

ARM PSA Certified

8

New experiences Privacy/security

New verticals Immediacy

Private/public networks Personalization

Customized/local value Reliability

EfficiencyProcessing

over 5G

Edge cloud On-device• Devices of all costs should consider

essential platform security features

• Strong root of trust is needed, at the SOC level

• 5G is rolling out now, with it comes enhanced network security

• End point security is also required; current devices often fall short

• Regulations, standards, and certifications rolling out for endpoint

security

Follow us on:For more information, visit us at:www.qualcomm.com & www.qualcomm.com/blog

Thank you!

Nothing in these materials is an offer to sell any of the components or devices referenced herein.

©2018-2019 Qualcomm Technologies, Inc. and/or its affiliated companies. All Rights Reserved.

Qualcomm is a trademark of Qualcomm Incorporated, registered in the United States and other countries. Other products and brand names may be trademarks or registered trademarks of their respective owners.

References in this presentation to “Qualcomm” may mean Qualcomm Incorporated, Qualcomm Technologies, Inc., and/or other subsidiaries or business units within the Qualcomm corporate structure, as applicable. Qualcomm Incorporated includes Qualcomm’s licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm’s engineering, research and development functions, and substantially all of its product and services businesses, including its semiconductor business, QCT.