The authors:

  • Charmaine D'Silva, Product Director of Privacy and Frameworks for Android
  • Narayan Kamath, Director of Privacy and Framework Engineering for Android
  • Stephan Somogyi, Head of Security Products for Android
  • Sudhi Herle, Head of Security Engineering for Android

Earlier in the #11WeeksOfAndroid series we covered contacts and identity; this installment focuses on privacy and security. #11WeeksOfAndroid is our in-depth look at Android’s key technology areas, so stay tuned and you won’t miss anything.

Privacy and security are at the heart of how we design Android, and with each new release we invest more in this area. Android 11 continues that progress, and in this article we share a series of updates and resources on Android privacy and security. First, let’s take a quick look at some of the most important changes in Android 11 for protecting user privacy and improving platform security.

Android 11 gives users more control over sensitive permissions. Throughout its development we worked closely with the developer community to design privacy features that strike a balance: more control for users over their privacy, with minimal impact on developers. Let’s look at some of these features:

One-time permissions

In Android 10 we introduced fine-grained location permission controls that let users restrict an app’s access to location to the time the app is in use (that is, in the foreground). When this new runtime permission option is shown, users choose to allow location access only while the app is in the foreground more than 50% of the time, which shows that users really do want finer-grained permission control. So in Android 11 we introduced one-time permissions, which let users grant an app access to the device’s microphone, camera, or location for that single use only. As an app developer you don’t need to change anything to support one-time permissions; the app can simply request the permission again the next time the user opens it. For details on how to build privacy-friendly apps with these changes, check out the technical videos.

Background location

In Android 10 we added background location usage reminders so that users periodically see how their apps use this sensitive data. In more than 75% of cases, users who receive and act on a reminder either lower the app’s location permission or deny it outright. Moreover, the vast majority of app use cases that request background location access are not justified.

In Android 11, users can no longer grant background location permission through a runtime prompt; instead it must be granted more deliberately. If your app needs background location, the system requires it to request foreground location first. The app then makes a separate request for background location, and the system takes the user to Settings to complete the grant, upgrading the app so it can access location in the background.
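The two-step request described above, together with the point from the one-time permissions section that a grant cannot be assumed to persist, as an added Kotlin example (not code from the original post). LocationPermissionActivity, its Mode enum and the dialog text are hypothetical; the permission constants, the ActivityResult contracts and PackageManager.getBackgroundPermissionOptionLabel() are real Android APIs.

```kotlin
import android.Manifest
import android.content.pm.PackageManager
import android.os.Build
import androidx.activity.result.contract.ActivityResultContracts
import androidx.annotation.RequiresApi
import androidx.appcompat.app.AlertDialog
import androidx.appcompat.app.AppCompatActivity
import androidx.core.content.ContextCompat

// Hypothetical activity showing the Android 11 two-step flow: foreground ("while in
// use") location first, then background location as a separate request.
@RequiresApi(Build.VERSION_CODES.R)
class LocationPermissionActivity : AppCompatActivity() {
    enum class Mode { NONE, WHILE_IN_USE, ALWAYS }  // what the location feature may do now
    var mode = Mode.NONE
    private fun granted(permission: String) =
        ContextCompat.checkSelfPermission(this, permission) == PackageManager.PERMISSION_GRANTED
    // Step 2 result. No dialog is shown on Android 11: the system takes the user to
    // Settings, and the result arrives when they return to the app.
    private val backgroundLauncher =
        registerForActivityResult(ActivityResultContracts.RequestPermission()) { ok ->
            mode = if (ok) Mode.ALWAYS else Mode.WHILE_IN_USE
        }
    // Step 1 result. With one-time permissions the user may pick "Only this time", so a
    // grant seen here can be gone at the next launch: re-run the check at every use.
    private val foregroundLauncher =
        registerForActivityResult(ActivityResultContracts.RequestPermission()) { ok ->
            if (ok) ensureLocationAccess() else mode = Mode.NONE
        }
    // Call at every point of use, never once at first launch.
    fun ensureLocationAccess() {
        when {
            !granted(Manifest.permission.ACCESS_FINE_LOCATION) ->
                foregroundLauncher.launch(Manifest.permission.ACCESS_FINE_LOCATION)
            !granted(Manifest.permission.ACCESS_BACKGROUND_LOCATION) -> explainThenRequestBackground()
            else -> mode = Mode.ALWAYS
        }
    }
    private fun explainThenRequestBackground() {
        // The system supplies the exact label of the Settings option the user must choose.
        val option = packageManager.backgroundPermissionOptionLabel
        AlertDialog.Builder(this)
            .setMessage("To alert you while the app is closed, choose \"$option\" next.")
            .setPositiveButton("Continue") { _, _ ->
                backgroundLauncher.launch(Manifest.permission.ACCESS_BACKGROUND_LOCATION)
            }
            .setNegativeButton("Not now") { _, _ -> mode = Mode.WHILE_IN_USE }
            .show()
    }
}
```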

In February we published “More Secure and Transparent User Location Access,” under which Google Play developers must obtain approval for their apps to access user location in the background, to prevent misuse of location data. We are giving developers more time to make changes and will not require existing apps to comply with this policy until 2021. Check out the tutorial video for help finding the parts of your code that may access location in the background.

Automatic permission reset

Most users download and install more than 60 apps on their devices but regularly use only a third of them. If a user has not used an app for an extended period on Android 11, the system “auto-resets” all of the app’s granted runtime permissions and notifies the user. The next time the user opens the app, it can request the permissions again. If your app has a valid reason to retain its permissions, you can prompt the user to turn this feature off for it in Settings.

Data access audit API

Android encourages developers to limit access to sensitive data even after users have granted permission. In Android 11, a new API gives developers clearer insight into how their apps use private and protected data: using it, an app can track when the system records that the app accessed private data.
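As an added example (not from the original post), here is how an app can register the Android 11 data access auditing callback and use attribution tags to tell its own accesses apart from those of an embedded SDK. DataAccessAuditor and the share_location tag are hypothetical; AppOpsManager.OnOpNotedCallback and Context.createAttributionContext() are the platform APIs.

```kotlin
import android.app.AppOpsManager
import android.app.AsyncNotedAppOp
import android.app.SyncNotedAppOp
import android.content.Context
import android.os.Build
import android.util.Log
import androidx.annotation.RequiresApi

// Added example: install the Android 11 data access auditing callback so that every
// access to permission-protected data (location, contacts, camera, ...) is logged with
// the attribution tag of the code path that made it.
@RequiresApi(Build.VERSION_CODES.R)
object DataAccessAuditor {
    private const val TAG = "DataAccessAudit"

    // Attribution tags separate your own features from embedded SDKs. "share_location"
    // is a constructed tag; it must also be declared in AndroidManifest.xml as
    // <attribution android:tag="share_location" android:label="@string/share_location"/>.
    fun shareLocationContext(base: Context): Context =
        base.createAttributionContext("share_location")

    fun install(context: Context) {
        val appOps = context.getSystemService(AppOpsManager::class.java)
        appOps.setOnOpNotedCallback(context.mainExecutor, object : AppOpsManager.OnOpNotedCallback() {
            // Data accessed inside a synchronous call made by your code: the stack shows who.
            override fun onNoted(noted: SyncNotedAppOp) =
                record(noted.op, noted.attributionTag, Log.getStackTraceString(Throwable()))

            // Your own code called AppOpsManager.noteOp() for itself (e.g. a library that
            // records its own access); also synchronous, so the stack is still useful.
            override fun onSelfNoted(noted: SyncNotedAppOp) =
                record(noted.op, noted.attributionTag, Log.getStackTraceString(Throwable()))

            // Asynchronous access (a location update, a camera frame, ...): no useful
            // stack, but the system attaches a message describing the originating call.
            override fun onAsyncNoted(noted: AsyncNotedAppOp) =
                record(noted.op, noted.attributionTag, noted.message)
        })
    }

    // An access without an attribution tag comes from code you have not labelled,
    // which is often a third-party SDK, so it is logged at WARN for review.
    private fun record(op: String, tag: String?, detail: String) {
        val level = if (tag == null) Log.WARN else Log.INFO
        Log.println(level, TAG, "op=$op tag=${tag ?: "<untagged>"} via $detail")
    }
}
```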

Scoped storage

In Android 10 we introduced scoped storage, which gives apps a filtered view of external storage and easy access to their own app-specific files and media. It protects user privacy by limiting broad access to shared storage in several ways, including changing the storage permissions to grant read access only to photos, videos, and music, and improving how storage is attributed to apps. Based on developer feedback since scoped storage arrived in Android 10, we have made a number of improvements to help developers adopt it, including:

  • an updated permissions UI for a better user experience;
  • direct file path access to media, for compatibility with existing media libraries;
  • updated APIs for modifying media;
  • the Manage External Storage permission, for specific use cases that need broad file access;
  • protected external app directories.

In Android 11, scoped storage is mandatory for all apps targeting SDK level 30. Watch the video below for details, and see the developer documentation for more.

  • Tencent Video link: v.qq.com/x/page/r310…
  • Bilibili video link: www.bilibili.com/video/BV1uz…

Google Play system updates

Google Play system updates first shipped with Android 10 as part of Project Mainline. Their main benefit is greater modularity and granularity in Android’s internal platform subsystems, which lets core OS components be updated directly through Google Play without a full system update from the device maker. Earlier this year, Project Mainline let us quickly fix a critical vulnerability in the media decoding subsystem. Android 11 adds new modules while preserving the security properties of the existing ones; for example, the Conscrypt module, which provides cryptographic primitives, will also be FIPS validated in Android 11.

BiometricPrompt API

Developers can now use the BiometricPrompt API to specify the strength of biometric authenticator required to unlock the app or access its sensitive parts. We plan to add this API to the Jetpack Biometric library for backward compatibility and will share more as that work progresses.
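An added example, not from the original post, of using the authenticator strength parameter: the prompt accepts only Class 3 (BIOMETRIC_STRONG) authenticators, and the Keystore key it unlocks is bound to the same strength, so the check is enforced by Keystore rather than by app code alone. StrongBiometricGate and the vault_key alias are hypothetical; BiometricPrompt.Builder.setAllowedAuthenticators() and KeyGenParameterSpec.Builder.setUserAuthenticationParameters() are Android 11 platform APIs.

```kotlin
import android.content.Context
import android.hardware.biometrics.BiometricManager
import android.hardware.biometrics.BiometricPrompt
import android.os.Build
import android.os.CancellationSignal
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import androidx.annotation.RequiresApi
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.KeyGenerator

// Added example: a Class 3 ("strong") biometric gate around a Keystore key.
@RequiresApi(Build.VERSION_CODES.R)
object StrongBiometricGate {
    private const val ALIAS = "vault_key"  // constructed key alias
    // Bind the key to the same strength: Keystore refuses every use (timeout 0) that
    // was not covered by a BIOMETRIC_STRONG authentication for that very operation.
    fun generateKey() {
        val spec = KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
            .setUserAuthenticationRequired(true)
            .setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG)
            .setInvalidatedByBiometricEnrollment(true)  // new fingerprint/face => new key
            .build()
        KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore")
            .apply { init(spec) }.generateKey()
    }
    // Prompt for a strong biometric only (no Class 2 sensors, no PIN fallback), then
    // encrypt with the cipher the system hands back once Keystore has unlocked the key.
    fun encryptAfterAuth(context: Context, plaintext: ByteArray, onDone: (ByteArray?) -> Unit) {
        val keyStore = KeyStore.getInstance("AndroidKeyStore").apply { load(null) }
        val cipher = Cipher.getInstance("AES/GCM/NoPadding")
        cipher.init(Cipher.ENCRYPT_MODE, keyStore.getKey(ALIAS, null))
        val prompt = BiometricPrompt.Builder(context)
            .setTitle("Unlock vault")
            .setAllowedAuthenticators(BiometricManager.Authenticators.BIOMETRIC_STRONG)
            .setNegativeButton("Cancel", context.mainExecutor) { _, _ -> onDone(null) }
            .build()
        prompt.authenticate(BiometricPrompt.CryptoObject(cipher), CancellationSignal(),
            context.mainExecutor, object : BiometricPrompt.AuthenticationCallback() {
                override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
                    val c = result.cryptoObject?.cipher ?: return onDone(null)
                    onDone(c.iv + c.doFinal(plaintext))  // prepend the GCM nonce for storage
                }
                override fun onAuthenticationError(code: Int, msg: CharSequence) = onDone(null)
            })
    }
}
```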

Identity Credential API

This API unlocks new use cases such as mobile driver’s licenses, national ID cards, and digital IDs. Our security team is working to refine it so that identity credential data is stored securely, using secure hardware to protect the data and control access to it. The API gives users more privacy than traditional paper documents. We are working with a range of government agencies and industry partners to make such digital-first identity experiences a reality on Android 11.

Thank you for your flexibility and feedback as we continue to improve privacy and security. You can visit the Android 11 Beta developer website to learn more about the features. You can also learn about general best practices for privacy and security.

More to explore

Check out the #11WeeksOfAndroid video playlist or head over to the official website to dig deeper into this week’s topic. We will keep bringing you new areas to explore. Stay tuned, and thank you for being with us!

  • YouTube Playlist: www.youtube.com/playlist?li…