Disk encryption system BitLocker already uses TPM to secure encryption keys. TPM is also used for secure software updates, to protect virtual machines and to authenticate smart cards. Intel's vPro remote management service relies on TPM for authentication ahead of remote PC repairs.
TPM 2.0 will be a minimum requirement on all Windows 10 devices except for developer boards like Raspberry Pi 3, which runs the lightweight Windows 10 IoT Core.
The security feature isn't new; in fact it's been available for years, mostly in business PCs. Many new PCs already have TPM 2.0, with an exception being low-cost PCs. Some Windows laptops have the older TPM 1.2 standard. But PC makers will now be expected to comply with Microsoft’s new hardware requirements and include TPM 2.0.
HP's Elite X3 Windows 10 smartphone -- based on Qualcomm's latest Snapdragon 820 processor -- already has TPM 2.0. The feature isn't listed in Acer's Liquid Jade Primo or Nokia Lumia models, which have older components.
Microsoft has been trying to drive hardware and software changes in PCs, some of which have been controversial. Upcoming PCs based on Intel's Kaby Lake chips -- which could be released in the third quarter -- will support only Windows 10, not prior versions of the OS.
The software company earlier this year said it would support Windows 7 and 8.1 on Skylake devices until July 17, 2017, but extended that for one year after attracting criticism for trying to force an OS upgrade to Windows 10 on users.
TPM 2.0, a specification from Trusted Computing Group, was approved as an international standard by ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission) in June last year.
Sign up for CIO Asia eNewsletters.