Every generation of devices – not just Android devices – faces new challenges and needs in terms of security. Google is always working to make the next version of Android more secure than the last, and the company posted an update from the Android Security & Privacy Team today on their blog detailing what’s coming in Android Q.
Face to Unlock
First up, the biggest user-face-facing change might be the addition of face recognition to the platform’s biometric security system (currently only using your fingerprint).
While we’ve been able to unlock our phones with facial recognition for a while, it’s generally implemented by manufacturers and only applied to your lock screen. Authenticating for purchases and apps has remained fingerprint-only.
Developers will be given a simple way to determine whether the device their app is running on supports biometrics.
This is unlikely to lead to your existing phone allowing face recognition – Google will probably require more than front-facing camera hardware. A Mate 20 Pro with its built-in IR system will likely make the cut; my P20 Pro (and it’s successor) … probably not.
Encrypt All The Things
Google announced Adiantum, its new software encryption platform, earlier this year and today is announcing (although we probably could have guessed) that it’ll be a part of Android Q.
Adiantum can be used to encrypt storage in devices that don’t have dedicated encryption acceleration hardware (also known as cheap phones), and will ensure that all Android Q devices encrypt their storage regardless of their price.
All compatible Android devices newly launching with Android Q are required to encrypt user data, with no exceptions.
Besides facial recognition and storage encryption, the team has worked in hardening the Android platform and is adding features that protect consumers like sandboxing media codecs, making address space layout randomisation more secure, and better sanitisation.
The security team posted a detailed explanation of these features and more on the Android Developers Blog.
Reliably securing a platform can be a long game. The team delivers platform improvements each release, but it’s also important to be able to respond to immediate threats.
The team also aims to mitigate vulnerabilities that may be discovered, with Project Mainline looking to allow in-place updating of core components as needed.
The team has been building towards a lot of these features for a while, dating back to before the implementation of Treble. They also contribute to a number of open source projects dedicated to improving security. Your security on an Android Q device is in safe hands.