By Edison Xie, Director of Media affairs, Huawei Southern Africa Region
Mobile internet developments have made smart devices the most popular way to go online.
These devices store a wealth of user data with an increasing number of apps installed from uncontrolled sources. This has put user privacy and security at risk, drawing increasing scrutiny of mobile smart devices.
Huawei takes the security of smart devices extremely seriously. We do everything we can to protect user privacy and ensure data security as we work to provide a premium user experience.
Huawei’s Consumer Business Group is committed to building a brand that is trusted by global consumers in terms of privacy protection. We strictly comply with the Generally Accepted Privacy Principles (GAPP), the EU’s General Data Protection Regulations (GDPR), and all other applicable laws and regulations in the countries where we operate. We believe that privacy is our consumers’ basic right, and that they should have full knowledge and control of their personal information. Achieving this goal is part of everything we do.
Guided by the idea of “Privacy Under Your Control”, our Consumer BG adheres to four basic principles – transparency, user benefits, security, and legal compliance – and incorporates Privacy by Design throughout the business.
Protecting user privacy requires advanced technologies. We leverage leading security technologies to protect user data and to incorporate privacy protection principles starting from the product design stage. These principles continue throughout the entire product development process to fully protect user data.
Huawei has built a Trusted Execution Environment Operating System (TEE OS) that supports hardware isolation. Sensitive user data such as fingerprints, facial biometrics, and lock screen passwords are all encrypted, verified, and stored in the TEE to prevent privacy leaks.
The TEE OS’s microkernel obtained the CC EAL5+ certification, the highest for a commercial OS and uses the formal verification method. Compared with traditional verification methods, formal verification starts from code and uses mathematical methods for verification.
It then analyzes each possible execution of that code, which eliminates system vulnerabilities from the source to enhance systemic security. The key features of the Emotion User Interface (EMUI) – Huawei over-the-air (HOTA), Celia, and Hiview – received the EU’s ePrivacy seal, making Huawei the first mobile phone manufacturer to receive this certification.
In the HMS domain, we have established a complete system for managing personal data protection, and we are the global leader in terms of personal data security management, transparency, and privacy compliance. For example, the AppGallery manages the security of apps with a unique four-layer system – malicious behavior detection, security vulnerability scanning, privacy leak checks, and manual real-name reviews.
This system ensures that only secure apps are available for download from the AppGallery. HUAWEI Mobile Cloud encrypts the data transmitted in device-cloud channels and the data it stores to protect user data from end to end. In November 2019, HMS became one of the first recipients of the ISO/IEC 27701 privacy protection system certification issued by the British Standards Institute (BSI), an authoritative international standards organization.
This shows that our ability to protect user privacy and manage information security is recognized by world-leading organizations.