In short: Google has now provided in-depth details about four ways it's Titan M chip provides better security for the Pixel 3 and Pixel 3 XL, from the bootloader to third-party software, than any previous devices bearing the brand. To begin with, the chip is deeply integrated with Verified Boot, allowing validation of the devices' Android version against a stored copy of the latest 'safe' version and acting as a safeguard against undesired bootloader unlocking. However, Google takes things further still by preventing the firmware for Titan M from being updated by third-party apps or bad actors without unlocking the display. That stops the lock screen passcode, which is similarly locked in with the chip and prevents built-in decryption from being bypassed, from being circumvented via malware. Those protections are all backed by Titan M's fully separated processing and flash storage, making it more difficult for malicious entities to interfere with the security.
Simultaneously, the company is allowing third-party applications to utilize Titan M's features, via the StrongBox KeyStore APIs, to protect sensitive transactions and app functions. Android 9's Protection Confirmation API can be used by developers as well. That will add an additional layer of security to user-confirmed transactions and, Google says, help enable strong protections for everything from e-voting to person-to-person transfers. Specifically, the latter of those APIs enables a system-level check to ensure that it was the user and not malware or other third-party software which instantiated a transaction. The Pixel 3 and Pixel 3 XL ship with those protections out of the box and full integration in the Google Pay application is also said to be in the works.
Background: None of that is to say that the search giant hasn't already been working towards making the entire OS safer regardless of brand. Prior to the recently launched Pixel 3 flagships, the company also began making changes to the underlying update process and working with OEMs to make updating much easier. It also started working directly with companies that manufacture the components that make up the vast majority of Android devices with the goal of enabling a separation of security improvements from firmware updates at the hardware level. The hope is to remove the middleman by ensuring that updates are provided by component manufacturers and reduce the need for system-wide updates on a monthly basis. At the same time, the change could actually improve the rate at which any given handset is patched independently of the device makers themselves.
Impact: With that said, Google's self-branded handsets serve a similar purpose to the previously used Nexus-branding. Namely, they are intended to act as reference devices for third-party manufacturers. So, the result of the company's apparent renewed interest in on-device security via a dedicated security chip could serve as a catalyst, prompting other OEMs to take a similar approach to harden their own phones and tablets. What's more, the new chip has also been incorporated into the company's new Chrome-branded device, the Google Pixel Slate, making the device even more secure, beyond the protections provided by Chrome OS. That could spur a similar response for Chromebooks and other Chrome OS gadgets.