From Business Wire:
USB Type-C Authentication empowers host systems to protect against non-compliant USB chargers and to mitigate risks from malicious firmware/hardware in USB devices attempting to exploit a USB connection. Using this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made – before inappropriate power or data can be transferred.
Key characteristics of the USB Type-C Authentication solution include:
- A standard protocol for authenticating certified USB Type-C chargers, devices, cables and power sources
- Support for authenticating over either USB data bus or USB Power Delivery communications channels
- Products that use the authentication protocol retain control over the security policies to be implemented and enforced
- Relies on 128-bit security for all cryptographic methods
- Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation
Which is all very well and sounds good - the potential for a dodgy power bank to also hook up with a hosted file system and deliver malware has always been there. Though in practice you'd have to wonder whether it would all really be worthwhile for an accessory maker - the malware would have to be very tightly targetted for any rewards to make their way back to the people spending money on manufacturing and distribution.
So consider the threat a little theoretical. And it will take a few years before all OS and accessory makers are onboard. In short, don't worry, and also don't hold your breath for this being implemented across the board.