The Security Demands on Consumer Devices in the Age of AI
AI is enabling more complex, personalized and intelligent experiences on consumer devices. However, this means more complex software and systems running on these devices, which has a direct impact on security. For example, if thereās a 10-fold increase in the lines of code then there is 10-fold increase in the risk of more bugs.
While on-device AI creates enormous opportunities, with new models, capabilities, operator types and quantization coming to market, the pace of change poses significant security challenges, particularly for consumer devices. Therefore, security technologies and initiatives that protect customer privacy and data must complement the benefits and ongoing opportunities that AI provides.
In this blog, we will explore how we think about compute and data security when it comes to AI use cases on consumer devices, especially the smartphone.
What are the most common AI security challenges?
AI smartphones continue to be the most ubiquitous personal device for consumers, whether thatās for content creation or consumption. It is also where new AI innovations, models and use cases continue to land, with these requiring yet more data for increasingly personalized experiences. As a result, vast amounts of data are collected on these devices, leading to increasing considerations around consumer privacy and data protection focused on new assets, attack vectors and software stacks.
Malicious actors can use AI to mount scalable attacks, which can be executed efficiently across many devices with minimal effort or cost to the attacker. As outlined in this report, AI can present a threat to authentication and access control, such as voice-based and biometric authentication, through deepfakes, placing devices and their contents at risk of hacks and impersonations.
What are the Arm security principles?
Like all companies that put the security, trust and privacy of end-users first and foremost in their strategy, Arm continuously evolves its product roadmap through new features and technologies. We deliver a comprehensive suite of security features in our architecture aimed at preventing bad actors, as well as protecting against new threats during the life of the device. These aim to make the jobs of hackers harder so itās financially unattractive, resource intensive and time consuming, as well as protecting the valuable credentials and data of consumers worldwide.
Armās fundamental principles for securing compute on consumer devices focus on the following:
- Enabling developers to create ābetter software on Armā through avoiding bugs in their code to ensure that the intended outcomes of any AI-enabled application cannot be hijacked;
- Protecting data and compute everywhere from bad actors through trusted execution environments;
- A relentless drive for improved PPA (power, performance and area) on consumer devices to enable more local (on device) and personal computing to happen ā so essentially what happens on the device, stays on the device;
- Contributing to initiatives that are intended to protect the privacy and data of users; and
- Responding to the evolving threat landscape and emerging security risks.
How Arm is protecting software
As code sizes increase, so do bugs and the likelihood of human error. Therefore, Arm protects software through putting guardrails in place at the root and creating a security by-design environment. This ensures that any security bugs are detected as early as possible in the development cycle. It also means that the intended outcomes of any AI-enabled application cannot be hijacked, while also providing isolation from the operating system (OS) so any application and its contents retain their integrity.
Working with Android, Arm is providing a step change in computing infrastructure through the latest Armv9 security features and technologies, with these leading to better, safer software on Arm-based Android mobile devices. Some great examples include Armās Pointer Authentication (PAC), Branch Target Identification (BTI) and Memory Tagging Extension (MTE) that help to eliminate whole classes of memory safety bugs that hackers have exploited in the past. This is crucial because GoogleāsĀ Chromium Project team statedĀ that 70 percent of all serious security bugs areĀ memory safetyĀ issues. The impact of memory safety violations on users can be substantial, as rogue applications and bad actors can take advantage of unsafe memory to access to confidential and sensitive data, such as user credentials and passwords. Removing a whole class of vulnerabilities will make exploit chains much harder to construct.
How to protect data everywhere
More AI processing at the edge ā on the device ā is happening due to the benefits of latency, power consumption and cost compared to moving data back and forth from the device to the cloud and data center. However, there are instances where AI processing needs to take place in the cloud due to the size of models or the data.
Therefore, a hybrid model for security which provides protections from cloud to edge is needed. Arm provides isolation technologies from cloud to mobile, such as TrustZone, virtualization and Realm Management Extension (RME) which is the hardware component of the Arm Confidential Computing Architecture (CCA), to enable the confidential processing of models and provide protection environments that keep personal data away from bad actors. Moreover, having similar security posture between cloud and edge means data can flow and be shared seamlessly within the same security boundary, enabling hybrid deployments to scale.
How to enable more personalized computing
More AI processing at the edge can also lead to better consumer data privacy, which benefits personalized computing experiences on devices. If data does not leave the device, then there is no data stored in the cloud that could be leaked. More on-device AI is possible thanks to advancing compute capabilities on consumer devices. For example, Arm technologies, including our latest CPUs, GPUs and compute subsystems (CSS) for Client and Kleidi software, have enabled a 110x compute performance improvement on Arm-based mobile devices over the last 10 years.
We continue to implement more AI acceleration features into the Armv9 architecture, like Scalable Matrix Extension (SME). SME enables a greater number of advanced AI workloads being processed at the edge, leading to more personalized computing experiences on consumer devices. Moreover, Arm security technologies will help to support attestable secure environments and the secure processing of image processing pipelines on the AI smartphone, as this is where content is created and stored.
Contributing to initiatives and standards
Arm is actively participating in and contributing to global initiatives, such as the Coalition for Content Provenance and Authenticity (C2PA), that aim to protect content and data from bad actors. We are also actively involved in organizations that are working on the foundations for future AI security, such as the TCG (Trusted Computing Group) and Openssf.org.
Emerging AI security use cases
Moreover, we are constantly working with the ecosystem to address emerging AI security use cases. Just some examples of these use cases include the following:
- Developers not wanting their AI models to be exposed to other third-parties, with device OEMs looking to provide the security protections for developers deploying their models during transit ā which is when data moves between two sources or systems ā and executionĀ ā which is when the data is loaded up in memory and ready to be processed by an application.
- Complying with worldwide online safety legislation to ensure that no illegal or harmful Ā content can reach vulnerable groups.
- As well as working with OEMs to provide content provenance for any content generated on their devices.
- Protecting AI models that monitor and detect abnormal behavior, scams and fraud.
- Protecting personal user data that are stored across different devices and services to provide more personalized experiences and recommendations
As a result, we are constantly working on new security solutions, features and technologies that address many emerging use cases and threats, so weāre protecting the ecosystem long after the product development lifecycle.
The Arm secure foundation
At Arm, security is at the forefront of everything we do, with in-built architectural features and technologies that help to protect the billions of Arm-based consumer devices worldwide. These provide the secure foundation for AI workloads across consumer devices. Our products and principles will continue to evolve to protect the future of computing in the age of AI. New and exciting technologies are in the pipeline and will be discussed further in future blogs.
Any re-use permitted for informational and non-commercial or personal use only.
Editorial Contact
Latest on X
šø Spotted at #GTC25 - catch CEO Rene Haas in conversation with Jim Cramer straight from the GTC show floor
š¢ Arm Accuracy Super Resolution is now available to ALL developers!
Now open source under the MIT license & available as a plugin for @UnrealEngine, with a @Unity plugin coming soon, it brings you enhanced visual quality without compromising performance! https://okt.to/e0Blbqā¦
Attending #GDC2025? See you tomorrow at the Arm Developer Summit!
Get ready to create the ultimate mobile gaming experiences with our action-packed agenda:
š WH3020, Moscone Center, San Francisco
The Arm Silicon Startups Contest with Silicon Catalyst is back!Ā šĀ
GetĀ access to ourĀ technologyĀ through Arm Flexible Access for Startups, expert support, and investor connections to fast-track your product to market &Ā accelerate your innovation journey: https://okt.to/PU6Ids
Arm and NVIDIA are redefining enterprise computing with the NVIDIA Graceā¢ CPU & Superchips, bridging efficiency and acceleration.āÆĀ
š Listen how here: https://okt.to/2RtqUy
Embedded World 2025, over and out! š¬
Always a highlight of our annual calendar, it's been great connecting with the AI, IoT and automotive ecosystem to share why the embedded industry is built on Arm.
š· Here's a look at some of our highlights.
Collaboration is key!
Listen as Christopher Rumpf, Senior Director Software and Solutions, Auto, breaks down the importance of the automotive industry working together on SDVs. š¤
š @CipiaVision is improving the driving experience with in-cabin sensing, enabled by AI and computer vision on the Arm compute platform.
By detecting drowsiness, distraction, phone use, seatbelt, driver ID, and more, we're bringing trust and safety to the road.
Here's how itā¦
š How can developers accelerate edge AI?
John Thompson, Senior Director of Software and Ecosystems, IoT, shares how Arm Kleidi for IoT is unlocking CPU performance for the next generation of edge AI applications - with some impressive results so far.
Edge AI is evolving fast. šØ
With the new Armv9 edge AI platform is set to drive the next wave of innovation, Paul Williamson, SVP and GM for IoT, shares his thoughts on what to expect next, from LLMs and SLMs on-device to new use cases across industries.
Listen in.
š
With @alifsemi's latest MCUs and the Arm Ethos-U85, you can efficiently execute transformer networks for genAI workloads.
That means faster, more accurate processing for vision, voice, text and sensor data - without relying on the cloud. āļø
#EmbeddedWorld #ew25
OEMs are increasingly focused on enhancing the emotional connection between humans and their cars.
Christopher Rumpf shares how the SOAFEE SIG makes this possible, experimenting with the cloud-to-car continuum on Arm to shape the future of AI-enabled, software-defined vehicles.ā¦
Here's to the final day of Embedded World 2025!
We're ready for a jam-packed day filled with insight, conversations and innovation.
One stars of the show has been our SoCks!Ā š§¦
If you picked up a pair - past or present - weād love to see them in action. Share your best SoCksā¦
Tech leaders take on āThis or Thatā at Embedded World 2025! š„
We put some of Armās brightest minds in the hot seat. Watch now and play along!
#ew25
šØ Don't miss Rene Haas and @LizClaman today at #SXSW 2025 for an inside look at the state of AI, Armās role in it, and what to expect next!
š 2:30ā3:30 PM CT
https://okt.to/Y9AxlB
Spotted at Embedded World! š
Have you managed to catch any of our speakers at the show?
š Generative AI is enabling rapid advancement in the automotive industry, and we are right at the front of it.
Watch below as Suraj Gajendra, VP of Products and Solutions for Automotive, explains the impact of AI, and what new user experiences are coming into play.
How are we supporting the growth of IoT development for our ecosystem? š
ā”ļøĀ Enhancing AI performance, bringing Arm KleidiAI to the IoT, and investing in the range of devices built on Arm.
Paul Williamson, SVP and GM for IoT,Ā gives us all the details.
Ready to star in your own unique story with our Generative AI Photo Booth? šŖ
Using the YOLO11 model, Raspberry Pi 5 detects objects and creates an amazing story using the TinyStories SLM.
If you're at the event, come check it out, and get it all printed on a postcard to takeā¦
Cortex-A320 supports both rich and real-time operating systems. šŖ
Listen as John Thompson, Senior Director of Software and Ecosystems, talks to us more about it.
š The biggest challenge for vehicle OEMs today?
Ensuring robust software infrastructure, seamless deployment, and planning for the future demands of AI driven applications.
Suraj Gajendra, VP of Products and Solutions for Automotive, breaks it down.ai-d
#EmbeddedWorld #EW25
By leveraging the leading-edge capabilities of the Arm compute platform, @RenesasGlobal's new RZ/V2N brings advanced endpoint vision AI to a huge range of applications, from smart city to industrial.
See it for yourself this Embedded World! #ew25 #EmbeddedWorld
Introducing the new RZ/V2N MPU, targeting high-volume vision AI. With the latest addition of the RZ/V2N, the RZ/V series has now expanded to cover a full range of markets, from the low-end RZ/V2L to the high-end RZ/V2H.
Learn more: https://bit.ly/41VyDx8
#MPU #DRP
Great conversations and valuable connections. š¤ š¬
Earlier this week at #EmbeddedWorld, we brought developers together for an Edge AI roundtable to discuss how we can best address their needs, and the future of IoT Development.
If you joined us, thank you. For those buildingā¦
š¶ Head to the Embedded World booth with us as we kick off day 2 of the show! š
From AI at the edge to cloud-to-car intelligence, explore cutting-edge demos like @AlifSemiās Ethos-U85 for transformers at the edge and @CipiaVisionās in-cabin sensing.
ā Receive a personalizedā¦
