P is for Privacy: How Android P will enhance user privacy

When a new developer preview for Android comes out, there’s always a rush to find all of the newest features. Though some additions may be less welcome than others, you can always count on iterative Android updates to include many privacy and security improvements. Sometimes this comes at a cost to user freedom, but it’s an effort by Google to push further into the enterprise market and protect its users. Android P is no different: a number of changes were added to enhance user privacy and to further protect Android device owners from malicious applications and hackers.


Network and cloud security improvements in Android P

HTTPS by default in apps

HTTPS is extremely important, especially when browsing the internet on public WiFi or when dealing with sensitive information online. When data is encrypted, anybody trying to intercept it between your device and the server won’t be able to read it. As a result, Google is enforcing that all applications targeting Android P and above communicate via HTTPS by default. Developers will have to explicitly enable regular, clear-text HTTP if they want to use it. Using HTTPS is not a hard requirement, but it’s highly advised.
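As an added example (not code from the article), here is how an app targeting Android P can honour the new cleartext default in its own networking code. It assumes a network_security_config.xml referenced from the manifest, with the hypothetical host legacy.example.com as the only clear-text exception:

```kotlin
// Assumed config (not from the article), referenced via android:networkSecurityConfig in the manifest:
//   <network-security-config>
//       <base-config cleartextTrafficPermitted="false" />   <!-- the Android P default -->
//       <domain-config cleartextTrafficPermitted="true">     <!-- hypothetical legacy exception -->
//           <domain includeSubdomains="false">legacy.example.com</domain>
//       </domain-config>
//   </network-security-config>
import android.security.NetworkSecurityPolicy
import java.io.IOException
import java.net.HttpURLConnection
import java.net.URL

/** Upgrades an http:// URL to https:// unless the installed policy allows cleartext for that host. */
fun enforceTransportPolicy(url: URL): URL {
    if (url.protocol != "http") return url
    // On P the default answer is false; only a <domain-config> exception makes it true for a host.
    return if (NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(url.host)) url
    else URL("https", url.host, url.file)   // port dropped so https uses its default 443
}

/** Opens the connection after the policy check; a cleartext violation is surfaced to the caller. */
@Throws(IOException::class)
fun openWithPolicy(raw: String): HttpURLConnection {
    val conn = enforceTransportPolicy(URL(raw)).openConnection() as HttpURLConnection
    conn.connectTimeout = 10_000
    // If cleartext still reaches a disallowed host, connect() fails with an IOException
    // ("Cleartext HTTP traffic to <host> not permitted") before any data is sent.
    conn.connect()
    return conn
}
```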

Cloud backups require a passcode to restore on Android P

Cloud backups through Google Drive will now require your passcode to restore onto an Android P device. The backup is encrypted with a key generated on your device as it backs up, so without the passcode the data cannot be restored. Nobody, not even Google, should be able to read your data once it’s encrypted. It is unknown how encrypted backups will be handled when moving from an Android P device to a device on Android Oreo or lower. This feature is not yet available in Android P but will arrive in future developer previews.

Dynamically changing MAC address

When you connect to a network, your MAC address (a unique identifier for your device) is visible to the network owner. On its own that’s not a huge deal, but in theory several network owners could pool their logs and track your movements. Starting with Android P, devices will support generating a new MAC address for each new WiFi network, while reusing the same address on a network you have joined before so that it still recognises your device. This feature is experimental and switched off in Android P, but it can theoretically be enabled.


System security improvements in Android P

Support for APK Signature Scheme v3

We saw APK Signature Scheme v3 support coming a long time ago, and it’s great news for developers. Basically, developers can now sign an Android application targeted at Android P with more than one key, instead of being tied to a single key whose loss would force them to re-upload the application to the Play Store under a different package name. This matters more for developers than for users, but it’s still a great addition.

Support for hardware security modules

Here’s an addition that benefits developers and consumers: phones that launch with Android P will be able to support a StrongBox Keymaster. This is a hardware module that contains its own CPU, secure storage, a true random number generator, and additional mechanisms to protect against package tampering and unauthorized sideloading of apps.
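An added example (not the article’s code) of how an app asks for a StrongBox-backed key on Android P and falls back to the regular hardware-backed keystore when the device has no such module; it assumes minSdkVersion 28 and the alias name is arbitrary:

```kotlin
import android.os.Build
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyInfo
import android.security.keystore.KeyProperties
import android.security.keystore.StrongBoxUnavailableException
import java.security.KeyFactory
import java.security.KeyPair
import java.security.KeyPairGenerator
import java.security.spec.ECGenParameterSpec

private const val KEYSTORE = "AndroidKeyStore"

/** Generates a P-256 signing key in the Android keystore, optionally pinned to StrongBox. */
fun generateEcKey(alias: String, strongBox: Boolean): KeyPair {
    val builder = KeyGenParameterSpec.Builder(
        alias, KeyProperties.PURPOSE_SIGN or KeyProperties.PURPOSE_VERIFY)
        .setAlgorithmParameterSpec(ECGenParameterSpec("secp256r1"))
        .setDigests(KeyProperties.DIGEST_SHA256)
    if (strongBox && Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
        builder.setIsStrongBoxBacked(true)   // API 28: require the dedicated secure element
    }
    return KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, KEYSTORE).run {
        initialize(builder.build())
        generateKeyPair()                    // throws StrongBoxUnavailableException if absent
    }
}

/** Prefer StrongBox; settle for the TEE-backed keystore on devices that ship without one. */
fun generateKeyPreferringStrongBox(alias: String): KeyPair = try {
    generateEcKey(alias, strongBox = true)
} catch (e: StrongBoxUnavailableException) {
    generateEcKey(alias, strongBox = false)
}

/** Lets the app verify after the fact that the private key never left secure hardware. */
fun isHardwareBacked(pair: KeyPair): Boolean {
    val factory = KeyFactory.getInstance(pair.private.algorithm, KEYSTORE)
    return factory.getKeySpec(pair.private, KeyInfo::class.java).isInsideSecureHardware
}
```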

Protection of the device-unique serial number

Every Android phone has a unique serial number which persists through any number of factory resets. It’s another way you could technically be tracked and followed. Until Android P, any application on the device has been able to see it. Apps in Android P will now need special permission to be able to see your device’s serial number.
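Added example (not from the article): reading the serial only when the new permission gate allows it, and a permission-free alternative for apps that merely need to tell installs apart. The preference file and key names are arbitrary:

```kotlin
import android.Manifest
import android.content.Context
import android.content.pm.PackageManager
import android.os.Build
import java.util.UUID

/** Hardware serial, or null when the app may not read it. READ_PHONE_STATE is a runtime permission. */
fun readSerialIfPermitted(context: Context): String? {
    // From P, Build.SERIAL always reads Build.UNKNOWN; Build.getSerial() is the gated replacement.
    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.O) return Build.SERIAL
    val granted = context.checkSelfPermission(Manifest.permission.READ_PHONE_STATE) ==
        PackageManager.PERMISSION_GRANTED
    if (!granted) return null
    // Even with the check above, the platform may still refuse; treat that as "not available".
    return try { Build.getSerial() } catch (e: SecurityException) { null }
}

/** A per-install identifier that needs no permission and resets on uninstall, unlike the serial. */
fun installId(context: Context): String {
    val prefs = context.getSharedPreferences("ids", Context.MODE_PRIVATE)
    return prefs.getString("install_id", null) ?: UUID.randomUUID().toString().also {
        prefs.edit().putString("install_id", it).apply()
    }
}
```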


User-facing security enhancements in Android P

Persistent notification for when sensors are in use

Not all security improvements are under the hood. Applications that use sensors like the microphone or camera will no longer be able to do so while in the background unless they declare themselves as a foreground service. They will have to show a persistent notification that tells the user the application is running and using certain sensors. It is currently unknown what this means for applications like Cerberus, and it may be that it doesn’t apply to apps installed in /system.
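Added example (not the article’s code): a service that opens the microphone only after it has become a foreground service with a persistent notification. It assumes the manifest declares RECORD_AUDIO, FOREGROUND_SERVICE (required for apps targeting P) and the service, and that the app starts it with startForegroundService(Intent(context, MicCaptureService::class.java)):

```kotlin
import android.app.Notification
import android.app.NotificationChannel
import android.app.NotificationManager
import android.app.Service
import android.content.Intent
import android.media.AudioFormat
import android.media.AudioRecord
import android.media.MediaRecorder
import android.os.IBinder

private const val CHANNEL = "mic"   // channel id and notification id are arbitrary
private const val NOTE_ID = 1

class MicCaptureService : Service() {
    private var recorder: AudioRecord? = null

    override fun onCreate() {
        super.onCreate()
        val nm = getSystemService(NotificationManager::class.java)
        nm.createNotificationChannel(
            NotificationChannel(CHANNEL, "Recording", NotificationManager.IMPORTANCE_LOW))
        val note = Notification.Builder(this, CHANNEL)
            .setContentTitle("Microphone in use")   // visible for as long as the mic is open
            .setSmallIcon(android.R.drawable.ic_btn_speak_now)
            .setOngoing(true)
            .build()
        // Must happen before touching the mic: on P a background app gets silence instead of audio.
        startForeground(NOTE_ID, note)
    }

    override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
        val rate = 16_000
        val minBuf = AudioRecord.getMinBufferSize(
            rate, AudioFormat.CHANNEL_IN_MONO, AudioFormat.ENCODING_PCM_16BIT)
        recorder = AudioRecord(MediaRecorder.AudioSource.MIC, rate,
            AudioFormat.CHANNEL_IN_MONO, AudioFormat.ENCODING_PCM_16BIT, minBuf)
            .also { it.startRecording() }
        return START_NOT_STICKY
    }

    override fun onDestroy() {
        recorder?.run { stop(); release() }   // release the sensor before the notification goes away
        stopForeground(true)
        super.onDestroy()
    }

    override fun onBind(intent: Intent?): IBinder? = null
}
```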

Unified fingerprint authentication dialog

Apps can already make use of a fingerprint enrolled on the device, but in Android P they will be able to use a system-provided authentication dialog instead of drawing their own. Because every fingerprint check then has the same standardized look and feel, the user can tell that the check is legitimate.
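Added example (not the article’s code) of requesting the system dialog through the API 28 BiometricPrompt; it assumes the app declares the USE_BIOMETRIC permission and supplies a main-thread Executor, and the button and title strings are placeholders:

```kotlin
import android.content.Context
import android.hardware.biometrics.BiometricPrompt
import android.os.CancellationSignal
import java.util.concurrent.Executor

/** Shows the system fingerprint dialog and reports success or failure through [onResult]. */
fun promptForFingerprint(
    context: Context, executor: Executor, onResult: (Boolean) -> Unit
): CancellationSignal {
    val cancel = CancellationSignal()   // lets the app dismiss the dialog, e.g. on screen change
    val prompt = BiometricPrompt.Builder(context)
        .setTitle("Confirm it's you")
        .setDescription("Unlock the vault with your fingerprint")
        // The negative button is mandatory; the system draws it and only the click reaches the app.
        .setNegativeButton("Cancel", executor) { _, _ ->
            cancel.cancel()
            onResult(false)
        }
        .build()
    prompt.authenticate(cancel, executor, object : BiometricPrompt.AuthenticationCallback() {
        override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) =
            onResult(true)
        // Errors end the session: no enrolled fingerprints, lockout after too many attempts, cancel.
        override fun onAuthenticationError(errorCode: Int, errString: CharSequence) =
            onResult(false)
        // A non-matching finger is not an error; the dialog stays up so the user can retry.
        override fun onAuthenticationFailed() {}
    })
    return cancel
}
```

To tie the result to a keystore key rather than a boolean, pass a BiometricPrompt.CryptoObject wrapping a Signature or Cipher bound to a key created with setUserAuthenticationRequired(true).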

User-facing warnings for outdated API usage

Older APIs can be tantamount to security holes. As new versions of Android come out, older APIs are deprecated and will eventually stop functioning. Google has begun warning users when an app they’re using targets an old API level, in the hope of pushing developers to newer, safer APIs. New or updated apps will be required to target newer API levels come this summer, so developers had better get moving soon.


Other security improvements in Android P

A number of cryptographic changes

Other improvements include cryptographic changes system-wide, which aim to enhance user privacy and security even further. The old standards were fine, but these serve as upgrades so your device can stay on the cutting edge of security.


Android P: A boon for privacy

These are only the tip of the iceberg. A number of more complicated changes are also in the works, such as changes to SELinux and restriction of undocumented APIs. While the latter has been met with disgust, Google claims that “crash risks” are the reason why they are disabling these APIs. If you’re interested in reading about the latest security and privacy changes straight from Google themselves, you can check out the links below.


Android P app behaviour
Data input privacy
System security