Google Pixel phones first to meet the Common Criteria’s MDF protection profile on Android 11

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Google Pixel smartphones may lack in terms of the overall hardware besides their cameras, but the fastest software updates make them immensely desirable. Pixel devices not only get the best Android features before others, but they also get top-notch security with monthly security updates. In addition to these updates, the dedicated Titan M security chip is claimed to offer enterprise-grade privacy protection. Now, the Pixel devices running Android 11 are also the first to meet Common Criteria’s MDF security standards.

Mobile Device Fundamentals (MDF) Protection Profile by Common Criteria outlines guidelines that IT companies across 31 countries around the world must follow. These guidelines ensure the enterprise user data is safeguarded by “strongest possible protections,” Google notes in a blog post. This certification allows Google to endorse its Pixel devices running Android 11 — i.e., Pixel 3 and above — which are the best-suited devices for corporate users with a lot of sensitive data to protect.

What makes Common Criteria’s MDF guidelines even more convincing is that the evaluation is performed in a lab where experts test a device’s resilience against various “real-world threats facing both consumers and businesses.” The tests are performed to warrant “every mitigation works as advertised.” To verify the mitigations in case of different threats on Pixel devices, the lab evaluates the function of:

  • Protected Communications – to ensure traffic across all communications and networks, including Wi-Fi, are encrypted.
  • Protected Storage – to ensure storage encryption and tamper-proof mechanisms such as the Titan M chip.
  • Authorization and Authentication – to check against spoofing and false acceptance
  • Mobile Device Integrity – to verify Android’s implementation of Verified Boot, Google Play System Updates, and Seamless OS Updates.
  • Auditability – for users to reports or IT admins to check for events such as device start-up and shutdown, data encryption, data decryption, and key management.
  • Mobile Device Configuration – for enterprise admins to enforce Android Enterprise’s security policies for the camera, location, or app installation.

Other than for…

Source…