While the USB Implementers Forum (USB-IF) is happy that their USB Type-C specification is being adopted swiftly, there are concerns that many dodgy Type-C cables exist in the market that could harm certain devices.
There have been well-documented reports of engineers, such as Google’s Benson Leung, examining USB Type-C cables and chargers to find they are non-compliant with the specification. This could lead to a device being damaged during the charging process, as has happened on occasion.
The USB-IF has a solution to this problem: the Type-C Authentication specification. This spec essentially allows a host to verify the compliance and capabilities of a Type-C accessory as soon as it’s plugged in, and before any data or power is transmitted. The host and accessory communicate through 128-bit encryption, and the whole process works even when a charger or cable is just providing power.
The Type-C Authentication spec will also come in handy for preventing malware that’s embedded within dodgy USB devices. A bank, for example, could set its computers to block any USB devices that don’t include its special security certificate, stopping malware attacks before the USB device can transmit any data.
Hosts will be able to support the Authentication spec through simple software and firmware update. Devices that naturally can’t be updated in this way, like cables, will need to be redesigned with the Authentication spec in mind.
Like with many specification updates like this, it may take a few years for device manufacturers to implement the new features in their USB products. However when new products do start hitting the market, these changes should make it a lot easier and safer to use USB Type-C cables.
April 12, 2016