+ Wednesday June 19th, 2019

Every generation of devices – not just Android devices – faces new challenges and needs in terms of security. Google is always working to make the next version of Android more secure than the last, and the company posted an update from the Android Security & Privacy Team today on their blog detailing what’s coming in Android Q.

Face to Unlock

First up, the biggest user-face-facing change might be the addition of face recognition to the platform’s biometric security system (currently only using your fingerprint).

While we’ve been able to unlock our phones with facial recognition for a while, it’s generally implemented by manufacturers and only applied to your lock screen. Authenticating for purchases and apps has remained fingerprint-only.

Developers will be given a simple way to determine whether the device their app is running on supports biometrics.

This is unlikely to lead to your existing phone allowing face recognition – Google will probably require more than front-facing camera hardware. A Mate 20 Pro with its built-in IR system will likely make the cut; my P20 Pro (and it’s successor) … probably not.

Encrypt All The Things

Google announced Adiantum, its new software encryption platform, earlier this year and today is announcing (although we probably could have guessed) that it’ll be a part of Android Q.

Adiantum can be used to encrypt storage in devices that don’t have dedicated encryption acceleration hardware (also known as cheap phones), and will ensure that all Android Q devices encrypt their storage regardless of their price.

All compatible Android devices newly launching with Android Q are required to encrypt user data, with no exceptions.

Android Platform

Besides facial recognition and storage encryption, the team has worked in hardening the Android platform and is adding features that protect consumers like sandboxing media codecs, making address space layout randomisation more secure, and better sanitisation.

The security team posted a detailed explanation of these features and more on the Android Developers Blog.

Mainline updates

Reliably securing a platform can be a long game. The team delivers platform improvements each release, but it’s also important to be able to respond to immediate threats.

The team also aims to mitigate vulnerabilities that may be discovered, with Project Mainline looking to allow in-place updating of core components as needed.

The team has been building towards a lot of these features for a while, dating back to before the implementation of Treble. They also contribute to a number of open source projects dedicated to improving security. Your security on an Android Q device is in safe hands.

Source: Android Developers Blog.

Jason Murray   Assistant Editor

Jason Murray

Before discovering the Nexus One, Jason thought he didn't need a smartphone. Now he can't bear to be without his Android phone. Jason hails from Sydney, Melbourne or Brisbane depending on his mood and how detailed a history you'd like. A web developer by day with an interest in consumer gadgets and electronics, he also enjoys reading comics and has a worryingly large collection of Transformers figures. He'd like to think he's a gamer, but his Wii has been in a box since he moved to Sydney, and his PlayStation Vita collection is quite lacking. Most mornings you'll find him tilting at various windmills on Twitter - follow @JM77 and say hi!

Join the Ausdroid Conversation

avatar
  Subscribe  
Notify of

Check Also

Beware of NBN scams, with $500,000 taken from unsuspecting victims

A lack of understanding about Australia’s National Broadband Network is leading to an influx of …