Owing to their mobility, persistent connectivity, and variety of applications, cell phones are now more often used as a primary computing platform than desktop computers and laptops. Users have widely adopted mobile platforms to perform sensitive tasks ranging from personal online payments to remote access to organizational services. Mobile devices can store a lot of data, including sensitive data like login credentials, photos, videos, personal information, etc. Through attacks on Mobile devices, attackers stole users sensitive and personal data which has become a critical issue nowadays. This article investigates the security of Android storage models and investigated Trusted Execution Environment (TEE) as a potential countermeasure for such attacks, and discuss a new approach to mobile identity (Mobile ID) based on TrustZone. Further, this study undertakes a design consideration analysis from the standpoint of system vulnerabilities.