vivo: From mobile overseas expansion to security protection in the AIGC era

After more than 20 years of development, vivo has grown from a regional private enterprise to a global enterprise, witnessing the vigorous development of China's Internet, especially the mobile Internet industry.

According to relevant statistics, vivo has officially shipped to more than 60 countries, there are more than 500 million active vivo mobile phone users worldwide, and there are more than 320,000 offline sales and after-sales outlets.

As a technology company that creates great products driven by design and focuses on smart terminals and smart services, how does vivo ensure the data security and privacy of users? Recently, at the 2023 Amazon Web Services re:Inforce China event, Vivo Chief Security Officer Lu Jinghui introduced Vivo's security strategy and how Vivo will meet security challenges in the AIGC era.

Propose security strategies and promote the development of a trusted ecosystem

Vivo founder, president and CEO Shen Wei once said, "Data security and privacy protection are the basic rights of consumers and the cornerstone for companies to gain consumer trust. We must regard data security, privacy protection and compliance with laws and regulations as the red line and basic bottom line that must not be touched in the company's R&D and business activities to guide the development of various work."

To this end, vivo has built a "PROTECT" security strategy, including seven aspects: data privacy protection, data risk management, product object security, key security technologies, security engineering, compliance management, and security attack and defense. Based on technical practice, vivo has created the Qianjing security paradigm, which forms an overall security technology architecture capability through three aspects: security technology, security engineering, and security attack and defense.

Lu Jinghui said that we hope to build a trusted environment within the terminal based on the Qianjing security architecture to create a secure product experience for users, including key enabling points at the chip, kernel, framework and application levels.

At the same time, vivo empowers the industry through different technical service forms and open security capabilities. By building a trusted environment, it empowers payment partners, social partners, gaming partners, etc. with the results of trusted measurement, and jointly builds a healthy and trusted mobile Internet ecosystem.

Dual cooperation of technology and culture

In the process of going global and expanding its business, vivo needs to choose suppliers with stable services, good infrastructure, excellent after-sales and responsiveness. vivo hopes to build a more secure and safer digital world. It is precisely because of Amazon Web Services, an advocate of global cloud computing and cloud security, with a rich node layout around the world, strong infrastructure capabilities, and an excellent innovation culture, that vivo chose to cooperate with Amazon Web Services.

Lu Jinghui said that when companies provide global services, Chinese companies must prove their innocence and the innocence of others. To this end, vivo adopted Amazon Web Services' secure and reliable global infrastructure and directly inherited the relevant security and compliance certifications of Amazon Web Services' global infrastructure, providing basic security guarantees for vivo's overseas expansion and greatly improving the efficiency of overseas expansion.

In addition, vivo uses a variety of security services from Amazon Web Services, such as threat detection and incident response (Amazon GuardDuty ), identity authentication and access control (Amazon IAM), Network and Infrastructure Security (Amazon WAF ), Data Protection and Privacy (Amazon CloudTrail), and Risk Management and Compliance (Amazon Trusted Advisor) and other related services have built corresponding cloud data security capabilities.

Third, vivo has benefited a lot from Amazon's innovation culture and co-creation of technological innovation points. In the past year, vivo and Amazon Web Services jointly held the "No Bad Days" safety and compliance special exchange event, which lasted for 18 related co-creation and business exchanges, and the cumulative number of on-site seminar participants exceeded 600.

Lu Jinghui pointed out, "vivo is a company that emphasizes the construction of corporate culture. Only long-term cultural construction can ensure the long-termism of the company. One of the core points is 'technological innovation is one of the cornerstones of our long-termism'. While we received an excellent service, we also felt and learned from Amazon's excellent innovation culture."

Fourth, with the help of Amazon Web Services’ technical strength, vivo also conducted 68 cloud security inspections. Through cloud security inspections and related co-creation activities, it further clarified and sorted out potential points in the “PROTECT Strategy” that require further improvement and cooperation.

Building security capabilities in the AIGC era

In the era of artificial intelligence, especially the era of generative artificial intelligence, vivo believes that data is the infrastructure of the era of artificial intelligence and the underlying architecture for the development of artificial intelligence technology.

Lu Jinghui said that to promote the healthy, orderly and sustainable development of the artificial intelligence industry, it is necessary to pay attention to data security and personal information protection. The two are the "cornerstones" of the orderly and sustainable development of artificial intelligence. This is vivo's understanding of how to ensure data security and privacy protection in the era of artificial intelligence.

Lu Jinghui summarized the relationship between AI and security into two dimensions: AI for Security and Security for AI. In terms of AI for Security, vivo already has security protection capabilities such as virus identification and detection of unknown viruses, as well as the use of many AI-related technologies such as privacy computing and federated learning when processing privacy data on the end side.

In terms of Security for AI, vivo will also use innovative technologies to improve security protection measures in the AI ​​era. For example, generative artificial intelligence can be used to solve problems such as intrinsic security, content security, operational security, and compliance. For example, for intrinsic security issues, the core is to establish a baseline for corresponding management, management process/system/norms/tool ​​support, and control the source of data.

Lu Jinghui pointed out that vivo is more focused on the work that must be done as a smartphone manufacturer when providing generative AI services, and other work can be built together through the empowerment of our partners. "Because building a healthy and orderly generative AI ecosystem requires the joint efforts of all parties ."