Hardware security best practices
This page contains recommendations to ensure that the hardware present on
Android devices raises the overall security of the device instead of
compromising it.
Device memory
It is important to understand the potential security tradeoffs when
selecting memory for Android devices. For example, certain types of memory
can enable the execution of Rowhammer-style attacks.
- Android devices should use memory that contains mitigations against
Rowhammer-style attacks. Device manufacturers should work closely with
their memory manufacturers for additional details.
StrongBox KeyMint (previously Keymaster)
It's important to securely store and handle cryptographic keys that are
available on the device. On Android devices, this is typically done with a
hardware-backed KeyMint (previously Keymaster) implemented in an isolated
environment, such as the Trusted Execution Environment (TEE). It is further
recommended to also support a StrongBox KeyMint, which is implemented in
tamper-resistant hardware.
- Ensure that the StrongBox Keymaster is running in an environment that
has a discrete CPU, secure storage, a high-quality true random number
generator, tamper-resistant packaging, and side-channel resistance to meet
the requirements to qualify as a StrongBox Keymaster. See the Android 9
CDD, section 9.11.2 for more information on the requirements.
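One way to confirm on a device whether a newly generated key is held by the StrongBox KeyMint or by the TEE-backed KeyMint, as an added example that is not part of the original page or of AOSP. The class name `StrongBoxCheck` and the key alias are hypothetical, and the check assumes API level 31 or later for `KeyInfo.getSecurityLevel()`.

```java
import android.content.Context;
import android.content.pm.PackageManager;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;
import android.security.keystore.StrongBoxUnavailableException;

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.ECGenParameterSpec;

/** Added example: reports which security level actually holds a new key. */
public final class StrongBoxCheck {
    private static final String ALIAS = "strongbox_probe_key"; // hypothetical alias

    /** Returns a KeyProperties.SECURITY_LEVEL_* constant (API 31+). */
    public static int probeSecurityLevel(Context ctx) throws GeneralSecurityException {
        // Only request StrongBox when the device declares the feature.
        boolean declared = ctx.getPackageManager()
                .hasSystemFeature(PackageManager.FEATURE_STRONGBOX_KEYSTORE);
        KeyPair pair;
        try {
            pair = generate(declared);
        } catch (StrongBoxUnavailableException e) {
            // Feature declared but StrongBox refused the request: use the TEE instead.
            pair = generate(false);
        }
        // Ask the keystore where the key lives rather than trusting the request flag.
        KeyFactory factory = KeyFactory.getInstance(
                pair.getPrivate().getAlgorithm(), "AndroidKeyStore");
        KeyInfo info = factory.getKeySpec(pair.getPrivate(), KeyInfo.class);
        return info.getSecurityLevel();
    }

    private static KeyPair generate(boolean strongBox) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
        kpg.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
                .setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"))
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setIsStrongBoxBacked(strongBox)
                .build());
        return kpg.generateKeyPair();
    }
}
```

A result of `KeyProperties.SECURITY_LEVEL_STRONGBOX` means the key is held by the StrongBox implementation; `SECURITY_LEVEL_TRUSTED_ENVIRONMENT` means it is held by the TEE-backed KeyMint.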
Last updated 2025-07-09 UTC.