Samsung Knox 2.0 Adds 2-Factor Biometric Authentication, Ships with Galaxy S5


Samsung KNOX 2.0 should be around in Q2/2014 thereabouts. The original release of this MDM (mobile device management) product was made at the MWC last year and its evolution has been duly outlined at MWC 2014. Visible on the list of new features is the addition of 2-factor biometric authentication, the S5 includes a fingerprint reader and will come bundled with the refreshed Knox allowing for more levels of user verification. Android 4.4 devices running the Knox 1.0 can upgrade to the newer version once it becomes commercially available.

Other features include:
• TrustZone-Protected Certificate Management: Device-wide feature that generates and maintains client certificates
inside Trustzone with additional support for industry standards such as PKCS#11; allows mobile devices to play the
role of the smart card and its readers.
• KNOX Key Store: Generates and maintains encryption keys inside the TrustZone protected environment; allows third
parties to utilize encryption for security sensitive applications and makes sure that encrypted data is protected if the
system is compromised
• Real-Time Protection for System Integrity: Real-time monitoring that both detects and prevents any unauthorized
modifications to the kernel code, critical kernel data and system partition
• TrustZone-Protected ODE: Encrypts the data stored in the device through the TrustZone-protected encryption key, which
can be disabled at the detection of system integrity compromise.
• Enhanced Generic Framework of KNOX: Supports Per-App VPN functions for SSL VPN solutions such as Juniper, F5
and Cisco while previously supporting them only for IPsec VPN.

KNOX EMM (enterprise mobility management) and KNOX Marketplace are new introductions to Samsung’s BYOD suite meant to give an integrated solution to IT departments. Identity and Access Management these are the unique features added by the cloud-based EMM. To accomplish this, the mobility suite implements 326 IT policies, catering for web-based and mobile apps with a single sign-on. More than 140 cloud applications are offered in the Knox Marketplace along with customizable billing for customers who purchase multiple apps. Once IT admins have defined credentials in the Knox Marketplace, employees can access these services from their devices without explicit registration.

New partners have also been roped into the Knox ecosystem. There is now support for SE Android policy configurations for third party containers including Good’s secure container, Fixmo’s SafeZone, MobileIron’s AppConnect. This improves on Android’s native model for mandatory access control. KNOX will now allow user devices to access company resources via Microsoft Workplace Join.