Learning how to use and what can go wrong in Android hardware attestation

During this talk, we will walk through the use cases Android's Key Attestation API has to offer, seeing how it differs from other integrity and security solutions. We will discuss when it makes sense to use it, and how to correctly implement it. We will also cover recent developments and changes around it, as well as some ways it’s being bypassed today, along with practical strategies to defend against it.