Android Protected Confirmation is the first major mobile OS API that leverages a hardware protected user interface (Trusted UI) to perform critical transactions completely outside the main mobile operating system. The signing key never leaves the Trusted UI’s hardware sandbox, so neither app malware nor a compromised operating system can fool the user into authorizing anything. At Google I/O 2018, the What’s new in Android security session showcased partners planning to leverage Android Protprotected Confirmation in a variety of ways.”]
Source: https://security.googleblog.com/2018/10/android-protected-confirmation-taking.html