TPMs compare very poorly to the modern secure elements heavily used by Pixels and Apple devices. API is very flawed and lacks a lot of capabilities. Common approach of wiping data on firmware upgrade instead of a proper insider attack resistance API like AOSP is also quite awful.
Secure elements aren't just heavily used by the OS but also by lots of apps via the hardware keystore APIs available to every sandboxed app. developer.android.com/training/artic is the stripped down newer version of this for secure elements as opposed to the traditional TEE (TrustZone) one.