vacancies advertise contact news tip The Vault
facebook rss twitter

USB Promoter Group aims to cut risk from dodgy USB Type-C gear

by Mark Tyson on 13 April 2016, 10:31

Tags: USB Implementers Forum

Quick Link: HEXUS.net/qacz4n

Add to My Vault: x

HEXUS first covered the news about underspecified, wrongly specified and just plainly dangerous cables and connectors being sold to early adoptees of the USB Type-C standard in November last year. That news came from a Google Engineer who tested quite a few cables and adaptors being sold on Amazon and provided ratings depending upon his findings. Usually a cable/adaptor can be one of two things; compliant to spec and useful, or out of specification and potentially dangerous/damaging. A large number of cables for sale at that time were found to be in the latter camp.

At the end of March Amazon acted to clamp down on the sale of any 'unsafe' USB Type-C cables. That was good news, as Amazon is one of the most popular retailers around the world, but can't something else be done? Now the USB 3.0 Promoter Group has stepped in to define an Authentication Protocol for USB Type-C.

Many new devices come with a USB Type-C charger

The new USB Type-C Authentication specification is a cryptographic-based authentication for USB Type-C chargers and devices. With this new protocol USB Type-C port equipped systems "can confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors/capabilities and certification status". This 'handshake' occurs the moment the USB Type-C connection is made, before any data or power gets delivered.

This new authentication standard goes beyond checking for unspecified cabling and the capabilities of devices such as chargers and extends its use to reduce risks from maliciously embedded hardware or software in USB devices. Thanks to the USB Type-C Authentication specification, portable device users need worry less about using USB chargers at a public terminal, for example, by allowing charge from certified USB chargers only. Moving to PCs, a system admin can set a policy to allow access only to verified USB storage devices, for example.

Brad Saunders, USB 3.0 Promoter Group Chairman, summed up: "In support of the growing USB Type-C ecosystem, we anticipated the need for a solution extending the integrity of the USB interface. The new USB Type-C Authentication protocol equips product OEMs with the proper tools to defend against ‘bad’ USB cables, devices and non-compliant USB Chargers."



HEXUS Forums :: 10 Comments

Login with Forum Account

Don't have an account? Register today!
Should have been in the spec from the start not a add on feature.
I'm not sure about this.

It almost feels like it could be used by a company, like Apple for instance, to ensure that only official, Apple, made / sold cables / chargers can be used with an Apple product and it would reject any 3rd party cable (even it was to spec) because it had been locked to a certain certificate.

Happy to be proved wrong.
I can see the reasons but I hope its not just an excuse to charge more. I've done well with £2~3 USB cables in the past and never had an issues. I won't be pleased if I have to start shelling out £10+ for a basic charging cable.
Kanoe
I'm not sure about this.

It almost feels like it could be used by a company, like Apple for instance, to ensure that only official, Apple, made / sold cables / chargers can be used with an Apple product and it would reject any 3rd party cable (even it was to spec) because it had been locked to a certain certificate.

Happy to be proved wrong.

That would happen…
As as has been mentioned already. This is good in theory but could easily be used to lock you in to absurdly overpriced cables from specific vendors…