SHENZHEN, China, April 8, 2026 /PRNewswire/ -- As AI Agents move from the cloud to the edge, an increasing number of hardware products such as smart speakers, in-vehicle assistants, enterprise terminals, and home gateways are beginning to integrate AI capabilities. This enables devices to understand natural language, invoke cloud-based large models, and execute complex tasks autonomously.

This trend brings massive imaginative space for products, but also presents an entirely new security proposition: when AI Agents replace users to continuously communicate with the cloud, how can the device-side identity credentials obtain reliable protection? To address this challenge, Goodix has launched an eSE solution tailored for AI Agent scenarios. Through a physical isolation design, it comprehensively protects the key security assets of smart hardware in the AI era.

Communication Security Relying on Software Solution Has Structural Shortcomings

In current mainstream AI Agent deployment schemes, communication security almost entirely relies on software implementations. API keys are stored in plaintext in local configuration files or flash partitions on the device, and TLS session keys reside in the host memory. This scheme works well in cloud environments or controlled development environments, but in the context of endpoint hardware products, it faces three structural issues:

First, the operating environment on the device side is uncontrollable. After hardware products leave the factory, they run in user environments for a long time. Firmware extraction, system rooting, and direct storage reading are realistic attack surfaces that must be covered in threat modeling. For products with a certain shipment scale, these attacks are almost inevitable. Once the host system is breached, or through second hand resell, plaintext API keys and TLS session keys in memory will be completely exposed.

Second, the multi-model ecosystem significantly amplifies the attack surface. Today's AI Agents usually connect to more than one model service. Main dialogue, code generation, voice recognition, and image understanding capabilities may come from different service providers respectively, and multiple sets of independent API keys are stored simultaneously within the device. The leakage of any single set of keys constitutes an independent security event, and current schemes lack unified management capabilities for multi-key scenarios.

Third, the device lifecycle is far longer than the validity period of software protection. During the 3 to 5 years a smart terminal operates, security patches at the software level rely on continuous OTA pushes and user cooperation, while the evolution of hardware attack methods is constantly updating. Throughout the entire lifecycle of the device, pure software solutions struggle to provide consistent security guarantees.

Over the past year, incidents of API key theft caused by configuration leaks, supply chain pollution, and firmware reverse engineering have continued to occur. This has evolved from isolated cases in developer communities to a systemic issue that product security teams must include in their risk assessments.

Faced with this situation, Goodix has launched the eSE solution specifically designed for AI Agent scenarios. This solution is based on a CC EAL5+ certified eSE chip. The core design principle is to strip the security assets that need the most protection from the host side and place them in a physically isolated hardware trusted environment. This will fundamentally eliminate security reliance on the host software environment, sinking the security anchor into hardware that possesses certifications, financial-grade security, and resistance to physical attacks.

Communication channel Protection: Closed-Loop TLS Entirely Within the Chip

The Goodix solution integrates a complete TLS 1.3 protocol stack inside the SE chip, allowing every communication between the Agent and the cloud large model—from TLS handshakes and certificate verification to data encryption and decryption—to be completed entirely within the chip. Under this architecture, the host's role is redefined as a "cipher text forwarder": it receives encrypted data packets from the eSE, forwards them to the network interface, and then transmits the encrypted data packets returned from the cloud back to the chip. The host handles cipher text throughout the entire process and does not hold any session keys or plaintext data communicating with the cloud model. Even if the device firmware is completely extracted and the host system is fully controlled, what attackers obtain on the host side is merely unintelligible encrypted traffic.

Consequently, communication security no longer depends on the reliability of any software components on the host side. This provides a clearer conclusion for product security compliance: when the device is subjected to physical attacks, the user's AI communication data remains protected.

API Key Management: Used Only in eSE for the Entire Life Cycle

The secure storage area of the Goodix eSE chip is specifically designed for multi-model scenarios. It can simultaneously manage multiple sets of API keys from different service providers, with each set of keys bound to its corresponding model endpoint, request format, and authentication method. During runtime, the host only needs to pass the target model identifier and request content to the eSE. Key lookup, authentication header construction, request encryption, and TLS transmission are all automatically completed inside the chip. API keys will never appear outside the chip in any scenarios.

For mass-shipped product lines, this means that the compromise of a single device will not affect the security of other devices. The keys of each security chip are stored independently and physically isolated, structurally blocking the risk transmission path where "a single breach leads to total failure."

High Compatibility:  Adaptable to Existing AI Large Model Product Architectures

Goodix eSE solution considered ecosystem compatibility as a core constraint, minimizing its impact on existing product architectures.

• Cloud Model Services: Zero modifications required. The API requests generated by Goodix's SE fully comply with standard interface specifications, with no need for any additional integration with model service providers.
• Agent Software Framework: Zero modifications required. This only involves switching the network request egress from the system network stack to the Goodix SE communication interface. The Agent's business logic, prompt engineering, tool-calling chain, and upper-layer features are completely unaffected.
• Hardware Integration: Standard interfaces. The eSE connects to the host MCU via SPI and does not require any special hardware design. For upgrades of existing products, adding an SE also does not require major changes to the mainboard architecture.

The Goodix eSE solution was born to solve the security pain points of diversified hardware AI scenarios. In the consumer and open-source ecosystem, it can effectively cover the open environment and long-term operation needs of smart speakers, while providing a commercial-grade security barrier for resource-constrained open-source projects. In enterprise and industrial scenarios, Goodix's security solution can provide critical technical support. This solution will also unlock new opportunities for security hardening across a broader range of AI applications. Moving forward, Goodix will continue collaborating closely with ecosystem partners to drive adoption of innovative security solutions.