Samsung's Unpacked 2022 gave us an official look at its most anticipated Galaxy devices of the year, including the Galaxy Z Flip 4, Galaxy Fold 4, Galaxy Watch 5, and Galaxy Buds 2 Pro. But there was one feature mentioned throughout the event that gives them an extra edge over many other Android phones: Samsung Knox.
The security platform strives to keep everything from data leaks to malware at bay, even down to a hardware level. In fact, Samsung specifically states that if a device is being hijacked, a self-destruct sequence will initiate to make sure threat actors can't loot your private information (learning a thing or two from Mission: Impossible, I take it).
With Android phones constantly being under threat of malicious apps on the Google Play Store, riddled with all types of malware, Samsung Galaxy phones do something more on the cybersecurity front than others.
What is Samsung Knox?
Samsung Knox is the company's security platform that brings multiple layers of protection to nearly all Galaxy devices. It isn't anything new; Knox was first introduced in 2013, and now secures over 1 billion Samsung devices — from Galaxy phones and Galaxy Tabs to Galaxy Watches.
Knox offers multiple layers of security, from the kernel of the operating system (OS) to the hardware-based Knox Vault. The latter physically isolates PINs, passwords, biometrics, and security-critical keys away from the rest and stores them in the secure memory. Think of it as a dedicated vault secretly hidden away behind a bookcase. Or, you know, watch a representation of it.
What this means is Knox Vault is independent of the primary processor that runs Android OS, making it a tough nut for hackers to crack and steal valuable information. It's a tamper-proof, secure subsystem with its own processor and memory, allowing users to effortlessly store everything from biometric data to blockchain credentials.
Unless you have the right authentication, you won't be getting in. It's EAL5+ (Evaluation Assurance Level) certified, which essentially means it has been rigorously tested through specialist security engineering techniques and has the highest possible level of security against penetration testing.
Although, Samsung notes that Knox Vault on Galaxy phones using a Samsung Exynos processor are EAL5+ certified, while those that use Qualcomm processors, such as the recent Galaxy Z Fold 4 and Galaxy Z Flip 4 using Snapdragon Gen 8+ Gen 1, are EAL4+ certified. That's still incredibly strong for consumers, but not as high as the level of assured security EAL5+ brings.
That's also where "self-destruct" comes in. While "hackers armed with lasers and power glitch tactics" can't crack the vault, as Samsung notes, threat actors that hijack the device will be met with a blown-up vault. That also means everything stored and backed up won't be available to the user anymore, but it beats hackers swiping them.
Then there's the kernel, the master of all things OS. If hackers take over this, they have complete control. But Knox will deny any breaches thanks to Real-time Kernel Protection (RKP). To keep hackers from remote monitoring and leak sensitive data, Samsung's RKP monitors the kernel in an isolated execution environment. That means when threat actors request to modify components via the kernel, it must be verified by the RKP first — and only safe modifications can be made.
Even apps get an extra layer of protection thanks to Defeast Exploit (DEFEX). This prevents potential illegal operations from happening, all by detecting and anticipating attacks to make sure no unauthorized changes happen to apps.
Heck, there's even a VPN with Knox, and the security platform is updated constantly. Although, Knox VPN has seen a bit of trouble, and Samsung even announced it was going to deprecate the service. However, that's now been repealed, and will continue to be supported on Android 13.
Want to find out if your Samsung device is "Secured by Knox"? Samsung products marked with a shield icon will have it, but you can also find out by checking out a list here.
Always stay cautious
Samsung Knox is a highlight for its new selection of foldables, but also for the Samsung Galaxy S22, Samsung Galaxy Tab S8, and new Galaxy Watch 5. But that doesn't mean it's completely impenetrable. Android is a forever-changing beast, and threat actors are always finding new ways to breach devices.
Since Apple's App Store is incredibly strict on what apps are allowed on the platform (sometimes) and doesn't allow users to edit iOS or macOS code, devices like the iPhone 13 and MacBook Air M2 are less likely to be under attack compared to Android. What's more, Apple now has a new Lockdown Mode to boost its security. Plus, Android is a bigger target.
Samsung takes security to another level with Android, all to keep hackers at bay. However, it's always a good idea to keep an eye out for anything suspicious, such as phishing or whaling attacks. The best way to stay secure is to use the best antivirus apps available. But, if you're in the market for a secure Android smartphone, Samsung Galaxy phones are what you're after.