Smartphone Tablet

Samsung Knox

Samsung Knox

Samsung Knox

Defence-grade security built from the chip up

Smartphone Tablet

Samsung Knox

Defense-grade security

Get superior data protection on Samsung devices. Samsung Knox is a defense-grade enterprise mobile security platform that’s built from the chip up to enable easier management through advanced mobility software.

Designed with the promise of security at heart, Samsung Knox empowers you to be open to new ideas and ways of doing business. We build the Knox mobile security platform into the hardware and software of our mobile devices, making Samsung smartphones, tablets and wearables among the most reliable mobile devices available. Multiple layers of security create opportunities for advanced management and control not possible without Knox. Enabling mobility software and business services that are not only simple, flexible and friendly—but also open to customization and innovation—Knox inspires freedom grounded in peace of mind. No matter where your team goes or what they do, Knox keeps hackers out and your company’s data safe from the second it turns on.
Knox sec.2
Designed with the promise of security at heart, Samsung Knox empowers you to be open to new ideas and ways of doing business. We build the Knox mobile security platform into the hardware and software of our mobile devices, making Samsung smartphones, tablets and wearables among the most reliable mobile devices available. Multiple layers of security create opportunities for advanced management and control not possible without Knox. Enabling mobility software and business services that are not only simple, flexible and friendly—but also open to customization and innovation—Knox inspires freedom grounded in peace of mind. No matter where your team goes or what they do, Knox keeps hackers out and your company’s data safe from the second it turns on.


Anchored in Samsung smartphone, tablet and wearable hardware, the Samsung Knox enterprise mobile security solution is also integrated throughout the software layers to separate data and constantly check the integrity of the device. These defense layers detect any tampering and ensure data is secure. Explore the layers below or download the whitepaper.

knox layer4
knox layer3
knox layer2
knox layer1

The Knox mobile security solution protects applications and data by strictly defining what each process is allowed to do and what data it can access. This allows Knox to separate, encrypt, and protect enterprise data within a managed container.

Periodic Kernel Measurement & Real-time Kernel Protection work to constantly inspect the core software of the OS, the kernel. These checks ensure that requests to bypass device security are blocked and sensitive data is protected.

The Knox enterprise security solution leverages a processor architecture known as TrustZone, in which highly sensitive computations are isolated from the rest of the device’s operations, protecting enterprise data.

To prevent security measures from being bypassed or compromised, Knox uses Boot-time Protections backed by Hardware Root of Trust to verify integrity of the device during the boot process.


Anchored in Samsung smartphone, tablet and wearable hardware, the Samsung Knox enterprise mobile security solution is also integrated throughout the software layers to separate data and constantly check the integrity of the device. These defense layers detect any tampering and ensure data is secure. Explore the layers below or download the whitepaper.

Knox security philosophy

BUILD TRUST

MAINTAIN TRUST

PROVE TRUST

MAKE READY

Chipset

The Knox platform ensures only approved versions of system-critical software are loaded. As the platform is built-in, the trust starts in the hardware, with unique certificates burnt into the chipset of each device.

Knox warranty fuse

With these unique certificates, the Knox mobile security platform can verify each piece of software that loads. If verification fails, Knox either records the tampering by flipping a one-time fuse called the Knox Warranty Bit, or prevents further booting. Devices with compromised Knox Warranty Bits cannot use certain Knox features or services, such as Knox Workspace or Samsung Pay.

Rollback prevention

Rollback prevention ensures that a Samsung device is not downgraded to an earlier, vulnerable software version.

Mobile security software

Without Knox security loaded, verified software can still be modified by the user, either intentionally or unintentionally. For example, by downloading a malicious app or malware.

Device monitoring

The Knox advanced mobile security platform ensures that system-critical software is not modified once loaded. The enterprise mobile security platform uses a set of technologies to protect the device kernel - the core of the operating system. It also protects applications and their data during runtime to detect malicious attacks as well as monitoring policy settings to quickly isolate any threat.

Rooting prevention

The Samsung Knox mobile enterprise solution is designed to protect the kernel and prevent rooting. This keeps the system processes and resources protected from hostile access and malware attacks.

Device attestation

For IT admins intending to manage mobile devices with an EMM (Enterprise Mobility Management) solution, Knox-enabled devices can provide you with an attestation, which lets you see if a device has been tampered with or not. Based on that, you can decide if the device can be trusted, and if it is allowed to receive sensitive corporate data.

Software approval

The Knox enterprise mobile security platform only loads and runs approved system-critical software on a device and can prove this to a third-party when requested.

EMM (Enterprise Mobility Management) integration

The final step of the design philosophy is to make the trusted platform ready for enterprise use. This involves giving enterprises complete control and configurability over their data and applications using an EMM solution.

Security controls and utilities

Knox supplies a collection of controls and utilities. Encryption keeps data secure and confidential. VPN allows data to be easily and securely sent and received when working out of office. SSO allows data to be easily accessed with consolidated authentication for apps and data.

BUILD TRUST

MAINTAIN TRUST

PROVE TRUST

MAKE READY

Chipset

The Knox platform ensures only approved versions of system-critical software are loaded. As the platform is built-in, the trust starts in the hardware, with unique certificates burnt into the chipset of each device.

Knox warranty fuse

With these unique certificates, the Knox mobile security platform can verify each piece of software that loads. If verification fails, Knox either records the tampering by flipping a one-time fuse called the Knox Warranty Bit, or prevents further booting. Devices with compromised Knox Warranty Bits cannot use certain Knox features or services, such as Knox Workspace or Samsung Pay.

Rollback prevention

Rollback prevention ensures that a Samsung device is not downgraded to an earlier, vulnerable software version.

Mobile security software

Without Knox security loaded, verified software can still be modified by the user, either intentionally or unintentionally. For example, by downloading a malicious app or malware.

Device monitoring

The Knox advanced mobile security platform ensures that system-critical software is not modified once loaded. The enterprise mobile security platform uses a set of technologies to protect the device kernel - the core of the operating system. It also protects applications and their data during runtime to detect malicious attacks as well as monitoring policy settings to quickly isolate any threat.

Rooting prevention

The Samsung Knox mobile enterprise solution is designed to protect the kernel and prevent rooting. This keeps the system processes and resources protected from hostile access and malware attacks.

Device attestation

For IT admins intending to manage mobile devices with an EMM (Enterprise Mobility Management) solution, Knox-enabled devices can provide you with an attestation, which lets you see if a device has been tampered with or not. Based on that, you can decide if the device can be trusted, and if it is allowed to receive sensitive corporate data.

Software approval

The Knox enterprise mobile security platform only loads and runs approved system-critical software on a device and can prove this to a third-party when requested.

EMM (Enterprise Mobility Management) integration

The final step of the design philosophy is to make the trusted platform ready for enterprise use. This involves giving enterprises complete control and configurability over their data and applications using an EMM solution.

Security controls and utilities

Knox supplies a collection of controls and utilities. Encryption keeps data secure and confidential. VPN allows data to be easily and securely sent and received when working out of office. SSO allows data to be easily accessed with consolidated authentication for apps and data.

Banner-5 mobile-5

Knox certifications

The Samsung Knox mobile enterprise solution is trusted by governments around the world with some of the most stringent information and technology security requirements. We work closely with these organizations on a continuous basis to ensure that our products and solutions meet and exceed these requirements.

Built into Samsung mobile devices

The Knox security solution is embedded into Samsung phones, tablets and wearables, and runs on both Android and Tizen operating systems. Knox mobile security platform features are active in your device from the moment you turn it on.

mobile-section6

Phone security

Explore Samsung Knox-enabled business smartphones, offering everything from premium features to exceptional value.

tablet-section6

Tablet security

Explore Samsung Knox-enabled business tablets, built for everything from customer presentations to workplace efficiency.

watch-section6

Wearable security

Explore Samsung Knox-enabled enterprise wearables, helping businesses increase productivity and keep employees connected.