Android 15 Is Getting New Features To Keep Your Data Secure And Private

While the main keynotes at Google I/O 2024 were primarily focused on demonstrating Google's dominance in the field of AI, with a new AI search overview and many updates to Gemini, there were also other announcements delivered under the radar regarding upgrades to Android 15 and beyond. Among these were a slew of privacy and security enhancements for Android. As technology evolves, so do the threats posed to billions of users on Android devices across the globe. With each iteration of the mobile OS, Google has also beefed up security in tandem. Today's announcements promise to deliver much needed security tools.

Among the new features there is malware detection, anti-fraud and scam measures, improved defenses against social engineering attacks, as well as a new suite of anti-theft protections that work before, during, and after a theft. Some of these upgrades are coming with Android 15, while others will apply to any device running Android 10 and up. Although none of these features are the sort of flashy party tricks that often get the most focus when a new version of Android is released, they are important additions to Android's security and privacy frameworks. Here we'll look in further detail at all the new ways Google hopes to make your Android device safer and more secure.

One of the most significant updates to Android security will be live threat detection, which Google and its hardware partners plan to deploy later this year. Using on-device AI, Google Play Protect will scan for suspicious behavior around sensitive permissions and other app or service interactions. If an app behaves in a way that triggers a red flag, it will be sent to Google for additional review. If it is then determined to be a threat, Google will warn users, or even remotely disable the app. Here's hoping the system is accurate, as getting locked out of a legitimate app would be a real pain for users. It's likely that sideloaded apps that act outside the bounds of what Google considers legitimate are more likely to trigger the AI's threat detection than others. We'll have to see how things shake out when it's deployed.

Devices from Google, Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion, and Sharp are among those listed, but strangely there's no mention of this enhanced protection coming to Samsung's extremely popular Android devices. Samsung often likes to build proprietary versions of things Google already offers, so perhaps that's the plan here.

Another welcome security improvement coming to Android is the upgraded fraud and scam protections, accomplished through enhanced one-time password (OTP) security and additional implementations of Android restricted settings. The former appears to come in response to notification data being used as an attack vector for malicious actors who wish to gain access to smartphones, while the latter improves the balance between freedom and trust for apps that need deep system permissions.

In recent years, it has become clear that SMS-based OTPs are far less secure than you may have thought, and push notifications in general can be a major security flaw. Not only has Apple confirmed governmental use of iPhone and Android push notifications to spy on users, but OTP attacks in general are harrowingly common. In Android 15, steps will be taken to address this by hiding OTPs from notifications, reducing the likelihood they will be used for fraud or scams.

Additionally, restricted settings in Android 15 will be expanded, making it harder for malicious apps to use system permissions to carry out attacks. Restricted settings add extra steps if the app requesting them was sideloaded from the internet. This applies particularly to apps like web browsers, messaging apps, and file managers, all of which may require deep system permissions to function. Since sideloaded apps don't go through Google's review process, they can easily be used to deploy malware, which is why it's never a good idea to install them unless their authenticity and legitimacy can be easily verified. For example, downloading the Epic Games app from the Epic Games website.

Despite what Hollywood may suggest, most of the time, your Android device won't be hacked by a sophisticated attacker dressed like Neo from "The Matrix" typing furiously into a terminal. Instead, the most common attacks begin with social engineering, where people are tricked into divulging privileged information. In many cases, hackers will ask targets to share their screen or give them remote access to their device, so that they can view the victim's OTPs or credentials such as usernames and passwords. Therefore, Google is introducing new measures to combat such vulnerabilities in Android 15.

Sensitive notifications like OTPs will be hidden when screen sharing is turned on. Additionally, your screen will be hidden when entering login credentials, payment information, and other privileged data. In order to prevent malicious actors from accessing your entire system, Android users will be able to choose to share only specific apps over screen share instead of the whole screen. Furthermore, users will be notified much more prominently when their screen is being shared.

In practice, if you were convinced into sharing your screen showing your banking app to someone, they wouldn't be able to see your notifications at all. If you were unwise enough to enter your login credentials with screen sharing turned on, they wouldn't be able to see you enter them.

Networks are another common vector of attack to steal your information. Attackers can use devices called cell site simulators to spoof cellular towers, thus convincing your device to leave the legitimate network and connect to the attacker's fake access point. These devices, also known as stingrays, are used by both hackers and law enforcement to collect data against your will. For example, the Baltimore Sun found in 2015 that the Baltimore Police Department had used stingrays thousands of times, often with little cause. Starting in Android 15, Google is deploying combative measures to fight these types of attacks.

The first of these measures is cellular cipher transparency, which will notify Android users if their cellular network connection is unencrypted. According to Google, this can help warn users if their traffic is vulnerable to interception, including the potential injection of fraudulent SMS messages. Additionally, Google is deploying something called identifier disclosure transparency, which will alert users if a false cellular base station or other surveillance tool is siphoning their location data. Google claims this will help protect journalists and political dissidents, but it may also help the average person if local police are deploying a stingray near their location.

Google notes that these features require integration at the hardware level, so not everyone will see these features on their device when they upgrade to Android 15. However, Google promises that adoption will increase over the next couple of years.

Another security area that Google is focusing on is theft protection. It's no secret that smartphone theft is an incredibly common crime, so Android's new features focus on protections before, during, and after a theft. These features will be deployed to devices running Android 10 and forward.

Firstly, factory reset protection is being enhanced, so that if a criminal manages to wipe a stolen phone, it will require that an owner's device or Google account credentials must be entered before it can be set up again. Also, disabling Find My Device or extending screen timeouts will require PIN, password, or biometric authentication. Furthermore, biometric authentication will be required to change a device's PIN, access passkeys, or disable theft protection when the device is in an untrusted location.

There will also be a protection that kicks in when your device moves quickly in a manner that suggests it may have been snatched. Using Google AI, when such motion is detected, the device will automatically lock. If the thief attempts to disconnect the device from networks, the phone will also lock. If you're the kind of person who forgets passwords often, Find My Device will now let you remotely lock your Android device with just a phone number and security challenge.

Google is also adding a feature called private space, which adds a locked down partition to an Android device where sensitive apps and files can be stored. This is essentially the same thing as Secure Folder on Samsung Galaxy devices, which has been a much appreciated security feature for a few years.