Enhance User Authentication with GlobalPlatform Trusted UI APIs | GBAF

Enhance User Authentication with GlobalPlatform Trusted UI APIs | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Top Stories > GlobalPlatform Secures Biometric Authentication & Enriches Trusted User Interaction

GlobalPlatform Secures Biometric Authentication & Enriches Trusted User Interaction

Published by Gbaf News

Posted on May 4, 2018

5 min read

Last updated: January 21, 2026

UK's FTSE 100 and financial markets react to Russia's embassy statement on G7 loans to Ukraine - Global Banking & Finance Review — The image illustrates the UK's FTSE 100 index performance amid the controversy over G7 loans to Ukraine backed by frozen Russian assets. This reflects the ongoing financial tension and geopolitical implications discussed in the article.

Extends Trusted User Interface APIs to support developers in authenticating users in-app

GlobalPlatform, the standard for secure digital services and devices, has extended the functionality of its Trusted User Interface (Trusted UI) APIs. Service providers and application developers now have a direct path to provide users with a richer and safer authentication experience and, importantly, to offer trusted biometric authentication that is secured in the hardware of the device’s Trusted Execution Environment (TEE).

“Sensitive digital services like banking, payments, document signing and access control require strong user authentication and user consent, and to do this users must interact with their device,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Our work in collaboration with FIDO Alliance and IFAA on the Trusted UI moves away from PINs and passwords processed in the vulnerable device OS, to a world where all sensitive user interactions are secured in the hardware of the TEE. These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS, and trusted user interactions to be fully configured to the specific needs of each digital service.”

A Trusted UI is a specific mode in which the user interface of a device is controlled solely by the TEE – an isolated area in the main processor of a smartphone (or any connected device) that ensures sensitive data is stored, processed and protected in a trusted environment. The Trusted UI ensures that malware running in the device cannot tamper with displayed messages, capture secret information displayed to the user and intercept PINs or passwords entered by the user, as in a “PIN on Glass” scenario. It also, prevents malware from running transactions without explicit user consent.

The TUI Extension: TEE Biometrics API and the TEETrusted User Interface Low-level API open up more functionality and options for the configuration of authentication screens and other trusted interactions, in addition to the secure integration of biometric authentication into apps.

“This is a big step forward for the TEE specifications,” adds Gil. “The market is demanding stronger authentication and biometric technology has come to the fore as it supports security and convenience. But insecure biometrics will not be tolerated by service providers and consumers. This is why the TEE is so important. It is the only technology that brings trust to the device user interface and, as such, is fundamental to the future of secure digital services and strong user authentication.”

The final step to integrate biometrics into the TEE specifications will be the publication of a new module for the TEE Protection Profile. This will enable products to be certified as meeting the requirements of the specifications by the GlobalPlatform TEE Certification Scheme.

To download the specification without charge, visit the GlobalPlatform Device Specifications webpages.

To learn more about the work of GlobalPlatform, sign up to and read the latest GlobalPlatform Newsletter.

Extends Trusted User Interface APIs to support developers in authenticating users in-app

GlobalPlatform, the standard for secure digital services and devices, has extended the functionality of its Trusted User Interface (Trusted UI) APIs. Service providers and application developers now have a direct path to provide users with a richer and safer authentication experience and, importantly, to offer trusted biometric authentication that is secured in the hardware of the device’s Trusted Execution Environment (TEE).

“Sensitive digital services like banking, payments, document signing and access control require strong user authentication and user consent, and to do this users must interact with their device,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Our work in collaboration with FIDO Alliance and IFAA on the Trusted UI moves away from PINs and passwords processed in the vulnerable device OS, to a world where all sensitive user interactions are secured in the hardware of the TEE. These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS, and trusted user interactions to be fully configured to the specific needs of each digital service.”

A Trusted UI is a specific mode in which the user interface of a device is controlled solely by the TEE – an isolated area in the main processor of a smartphone (or any connected device) that ensures sensitive data is stored, processed and protected in a trusted environment. The Trusted UI ensures that malware running in the device cannot tamper with displayed messages, capture secret information displayed to the user and intercept PINs or passwords entered by the user, as in a “PIN on Glass” scenario. It also, prevents malware from running transactions without explicit user consent.

The TUI Extension: TEE Biometrics API and the TEETrusted User Interface Low-level API open up more functionality and options for the configuration of authentication screens and other trusted interactions, in addition to the secure integration of biometric authentication into apps.

“This is a big step forward for the TEE specifications,” adds Gil. “The market is demanding stronger authentication and biometric technology has come to the fore as it supports security and convenience. But insecure biometrics will not be tolerated by service providers and consumers. This is why the TEE is so important. It is the only technology that brings trust to the device user interface and, as such, is fundamental to the future of secure digital services and strong user authentication.”

The final step to integrate biometrics into the TEE specifications will be the publication of a new module for the TEE Protection Profile. This will enable products to be certified as meeting the requirements of the specifications by the GlobalPlatform TEE Certification Scheme.

To download the specification without charge, visit the GlobalPlatform Device Specifications webpages.

To learn more about the work of GlobalPlatform, sign up to and read the latest GlobalPlatform Newsletter.