May 15, 2024

I/O 2024: What’s new in Android security and privacy

Our commitment to user safety is a top priority for Android. We’ve been consistently working to stay ahead of the world’s scammers, fraudsters and bad actors. And as their tactics evolve in sophistication and scale, we continually adapt and enhance our advanced security features and AI-powered protections to help keep Android users safe.

In addition to our new suite of advanced theft protection features to help keep your device and data safe in the case of theft, we’re also focusing increasingly on providing additional protections against mobile financial fraud and scams.

Today, we’re announcing more new fraud and scam protection features coming in Android 15 and Google Play services updates later this year to help better protect users around the world. We’re also sharing new tools and policies to help developers build safer apps and keep their users safe.

Google Play Protect live threat detection

Google Play Protect now scans 200 billion Android apps daily, helping keep more than 3 billion users safe from malware. We are expanding Play Protect’s on-device AI capabilities with Google Play Protect live threat detection to improve fraud and abuse detection against apps that try to cloak their actions.

With live threat detection, Google Play Protect’s on-device AI will analyze additional behavioral signals related to the use of sensitive permissions and interactions with other apps and services. If suspicious behavior is discovered, Google Play Protect can send the app to Google for additional review and then warn users or disable the app if malicious behavior is confirmed. The detection of suspicious behavior is done on device in a privacy-preserving way through Private Compute Core, which allows us to protect users without collecting data. Google Pixel, Honor, Lenovo, Nothing, OnePlus, Oppo, Sharp, Transsion, and other manufacturers are deploying live threat detection later this year.

Stronger protections against fraud and scams

We’re also bringing additional protections to fight fraud and scams in Android 15 with two key enhancements to safeguard your information and privacy from bad apps:

  • Protecting One-time Passwords from Malware: With the exception of a few types of apps, such as wearable companion apps, one-time passwords are now hidden from notifications, closing a common attack vector for fraud and spyware.
  • Expanded Restricted Settings: To help protect more sensitive permissions that are commonly abused by fraudsters, we’re expanding Android 13’s restricted settings, which require additional user approval to enable permissions when installing an app from an Internet-sideloading source (web browsers, messaging apps or file managers).

We are continuing to develop new, AI-powered protections, like the scam call detection capability that we’re testing, which uses on-device Gemini-Nano AI to warn users in real-time when it detects conversation patterns commonly associated with fraud and scams.

Protecting against screen-sharing social engineering attacks

We’re also tightening controls for screen sharing in Android 15 to limit social engineering attacks that try to view your screen and steal information, while introducing new safeguards to further shield your sensitive information:

  • Automatically Hidden Notifications and One-time Passwords (OTPs): During screen sharing, private notification content will be hidden, preventing remote viewers from seeing details in a user's notifications. Apps that post OTPs in notifications will be automatically protected from remote viewers when you’re screen sharing, helping thwart attempts to steal sensitive data.
  • Safer Logins: Your screen will be hidden when you enter credentials like usernames, passwords and credit card numbers during a screen-share session.
  • Choose What You Share: The ability to share just one app's content rather than your whole screen, currently available on Pixel, is coming to other Android devices to help preserve your screen privacy.

Having clear content sharing indicators is important for users to understand when their data is visible. A new, more prominent screen indicator coming to Android devices later this year will always let you know when screen sharing is active, and you can stop sharing with a simple tap.

Advanced cellular security to fight fraud and surveillance

We’re adding new advanced cellular protections in Android 15 to defend against abuse by criminals using cell site simulators to snoop on users or send them SMS-based fraud messages.

  • Cellular Cipher Transparency: We’ll notify you if your cellular network connection is unencrypted, which could expose your voice and SMS traffic to radio interception and make it visible to others. This can help warn users if they’re being targeted by criminals who are trying to intercept their traffic or inject a fraud SMS message.
  • Identifier Disclosure Transparency: We’ll help at-risk users like journalists or dissidents by alerting them if a potential false cellular base station or surveillance tool is recording their location using a device identifier.

These features require device OEM integration and compatible hardware. We are working with the Android ecosystem to bring these features to users. We expect OEM adoption to progress over the next couple of years.

More security tools for developers to fight fraud and scams

Safeguarding apps from scams and fraud is an ongoing battle for developers. The Play Integrity API lets developers check that their apps are unmodified and running on a genuine Android device so that they can detect fraudulent or risky behavior and take actions to prevent attacks and abuse. We’ve updated the API with new in-app signals to help developers secure their apps against new threats:

  • Risk From Screen Capturing or Remote Access: Developers can check if there are other apps running that could be capturing the screen, creating overlays, or controlling the device. This is helpful for apps that want to hide sensitive information from other apps and protect users from scams.
  • Risk From Known Malware: Developers can check if Google Play Protect is active and the user device is free of known malware before performing sensitive actions or handling sensitive data. This is particularly valuable for financial and banking apps, adding another layer of security to protect user information.
  • Risk From Anomalous Devices: Developers can also opt-in to receive recent device activity to check if a device is making too many integrity checks, which could be a sign of an attack.

Developers can decide how their apps respond to these signals, such as prompting the user to close risky apps or turn on Google Play Protect before continuing.
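As an added illustration (not code from this post or from Google), here is one way a backend could turn the decoded Play Integrity verdict into the responses described above: deny on failed app or device integrity or anomalous device activity, prompt the user to close capturing or controlling apps, or prompt them to turn on Play Protect. The verdict structure and label names follow the documented verdict JSON as this example assumes it; the package name, nonce and all values are constructed.

```python
# Constructed example: server-side policy over a decoded Play Integrity verdict.
# Field and label names are assumed from the documented verdict format; values are made up.
NONCE = "constructed-nonce-123"
PACKAGE = "com.example.bank"   # placeholder package name

def make_verdict(apps_detected=("KNOWN_INSTALLED", "UNKNOWN_CAPTURING"),
                 play_protect="NO_ISSUES", activity="LEVEL_2",
                 app_verdict="PLAY_RECOGNIZED", device_verdict=("MEETS_DEVICE_INTEGRITY",)):
    """Build a verdict dict as the server would see it after the token is decrypted."""
    return {
        "requestDetails": {"requestPackageName": PACKAGE, "nonce": NONCE},
        "appIntegrity": {"appRecognitionVerdict": app_verdict, "packageName": PACKAGE},
        "deviceIntegrity": {"deviceRecognitionVerdict": list(device_verdict),
                            "recentDeviceActivity": {"deviceActivityLevel": activity}},
        "environmentDetails": {"appAccessRiskVerdict": {"appsDetected": list(apps_detected)},
                               "playProtectVerdict": play_protect},
    }

# Labels meaning another app could capture, overlay or control the screen.
RISKY_APPS = {"KNOWN_CAPTURING", "UNKNOWN_CAPTURING", "KNOWN_CONTROLLING",
              "UNKNOWN_CONTROLLING", "KNOWN_OVERLAYS", "UNKNOWN_OVERLAYS"}
# Play Protect states that warrant asking the user to turn it on or clean up.
PLAY_PROTECT_ISSUES = {"POSSIBLE_RISK", "MEDIUM_RISK", "HIGH_RISK"}

def assess_verdict(v, expected_nonce, expected_package):
    """Decide how a sensitive action should proceed: returns (decision, reasons)."""
    req = v.get("requestDetails", {})
    # Bind the verdict to this request and this app; otherwise it could be replayed.
    if req.get("nonce") != expected_nonce or req.get("requestPackageName") != expected_package:
        return "deny", ["verdict not bound to this request"]
    reasons = []
    if v.get("appIntegrity", {}).get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        reasons.append("app not recognized by Play")
    dev = v.get("deviceIntegrity", {})
    if "MEETS_DEVICE_INTEGRITY" not in dev.get("deviceRecognitionVerdict", []):
        reasons.append("device integrity not met")
    # Unusually many integrity requests from one device can be a sign of an attack.
    if dev.get("recentDeviceActivity", {}).get("deviceActivityLevel") == "LEVEL_4":
        reasons.append("anomalous device activity (LEVEL_4)")
    if reasons:
        return "deny", reasons
    env = v.get("environmentDetails", {})
    risky = sorted(set(env.get("appAccessRiskVerdict", {}).get("appsDetected", [])) & RISKY_APPS)
    if risky:                       # ask the user to close capturing/controlling apps
        return "prompt_close_apps", risky
    pp = env.get("playProtectVerdict", "UNEVALUATED")
    if pp in PLAY_PROTECT_ISSUES:   # ask the user to turn on Play Protect or remove malware
        return "prompt_play_protect", [pp]
    return "allow", []
```

The nonce and package binding is done first because a verdict that is not tied to the current request tells you nothing about the device in front of you, whatever its other fields say.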

Upgraded policies and tools for developers to enhance user privacy

We’re working to make photo permissions even more private for users. Starting this year, apps on Play must demonstrate that they require broad access to use the photo or video permissions. Google Play will start enforcing this policy in August. We’ve updated photo picker, Android’s preferred solution for granting individual access to photos and videos without requiring broad permissions. Photo picker now includes support for cloud storage services like Google Photos. It’s much easier to find the right photo by browsing albums and favorites. Coming later this year, photo picker will support local and cloud search as well.

Always evolving our multi-layered protections

Android's commitment to user safety is unwavering. We're constantly evolving our multi-layered user protections – combining the power of advanced AI with close partnerships across OEMs, the Android ecosystem, and the security research community. Building a truly secure Android experience is a collaborative effort, and we'll continue to work tirelessly to safeguard your device and data.
