Handheld mobile devices provide an ever richer range of applications and connectivity which, when combined with their limited computing resources and physical accessibility, implies a unique set of security issues. High-value services must operate alongside low-risk features and even user-downloaded applications. The complex mixture requires a rich OS environment which carries with it its own inherent vulnerabilities. This class outlines a security architecture tailored to provide the assurance required for high-value services while at the same time allowing the freedom needed for user-downloaded applications on the same device. Starting with the hardware components providing tamper-resistant monitoring and debug port protection, the class moves through tamper-evident software load and execution and through to system and user data protection. Finally, the class outlines the integration of these elements with software virtualization technology to provide assurance for high-value services. The virtualization solution runs a strictly contained and hardware access-restricted User OS. Alongside, but fully isolated from the User OS, virtualization allows a Trusted Execution Environment (TEE) to run, in which high-value services may operate out of reach of other features and applications.