Functional changes are many, but here’s an overview of those that should improve device and user security and privacy:
A more consistent UI for fingerprint authentication across apps and devices. Apps can trigger the system fingerprint dialog using a new FingerprintDialog API, and this standardized look should give users more confidence that they’re authenticating against a trusted fingerprint credential checker.
Defaults for Network Security Configuration are changed to block all cleartext (i.e., non-HTTPS) traffic. “Applications intending to connect to destinations using only secure connections can opt-out of supporting cleartext to those destinations,” Google explained.
Android P will restrict access to the microphone, camera, and all SensorManager sensors by apps running in the background. “While your app’s UID is idle, the mic reports empty audio and sensors stop reporting events. Cameras used by your app are disconnected and will generate an error if the app tries to use them,” the company says.
Also, whenever an app uses a device sensor the OS will notify users of it.
Android backups will be encrypted on the device, with a client-side secret, before being shipped to the cloud.
Apps that target Android P will no longer be able to share data with other apps using world-accessible Unix permissions. “This change improves the integrity of the Android Application Sandbox, particularly the requirement that an app’s private data is accessible only by that app,” says Google.
Android P should receive its confectionery-themed final name and be released to the general populace later this year.