It will soon be much easier for consumers and businesses to determine whether a USB-C device is genuine and can be trusted, thanks to the newly introduced USB Type-C Authentication specification.
Under the new program, the USB Implementers Forum will test and certify USB-C cables, chargers, and other devices. End-user products — such as computers and mobile phones — will be able to cryptographically verify that the cable or charger to which it is connected has been certified and has not been tampered with.
The wide reach of USB makes such a certification program difficult, but ultimately advantageous for all parties. Consumers have long been threatened by the proliferation of faulty power adapters, miswired cables that can short out connected electronics, and even cables that install malware or conduct man-in-the-middle attacks on peripherals or devices.
Businesses face similar threats — malware-laced flash drives are a headache for information security professionals — and often resort to banning USB entirely on corporate campuses.
Under the new program, devices could be configured to only allow connection to or draw power from certified USB-C cables and chargers. Businesses could go a step further, limiting connections to specific models.
"USB is well-established as the favored choice for connecting and charging devices," USB 3.0 Promoter Group Chairman Brad Saunders said in a release. "In support of the growing USB Type-C ecosystem, we anticipated the need for a solution extending the integrity of the USB interface. The new USB Type-C Authentication protocol equips product OEMs with the proper tools to defend against 'bad' USB cables, devices and non-compliant USB Chargers."
Apple has long employed a similar approach with its proprietary cables, though in many cases third parties found workarounds and continued to sell illegitimate accessories that masqueraded as approved. It remains to be seen whether USB-C can avoid the same fate.