Android Pie: Security and privacy changes

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.

It is official: “Android P” is Android Pie, and it comes with a variety of new capabilities and security and privacy changes.

Android Pie security privacy

The newest version (9.0) of the popular mobile OS introduces a new system navigation featuring a single home button, smart text selection, digital wellbeing controls, adaptive battery, a neural networks API, smart reply, and more.

Security improvements

Android 9 has the following security improvements:

  • Built-in support for DNS over TLS, automatically upgrading DNS queries to TLS if a network’s DNS server supports it.
  • HTTPS by default. App developers who want HTTP traffic for specific domains will have to change their app’s network security config to allow those connections.
  • A new hardware security module and stronger protection for private keys (API support for devices that provide key storage in tamper-resistant hardware with isolated CPU, RAM, and secure flash.)
  • Support for encrypting Android backups with a client-side secret (by default if the user has set a screen lock for their device that requires a PIN, pattern, or password to unlock.)
  • Compiler-level mitigations for detecting dangerous behavior and integer overflow sanitizers for mitigating memory-corruption and information-disclosure vulnerabilities.
  • A consistent UI for biometric authentication across apps and devices. Apps no longer need to build their own dialog to prompt the user for any supported type of biometric authentication (fingerprint, face, iris). They can use the BiometricPrompt API to show the standard system dialog instead.

Android Pie security privacy

Privacy improvements

Android P now restricts access to the microphone, camera, and all SensorManager sensors by apps running in the background.

“While your app’s UID is idle, the mic reports empty audio and sensors stop reporting events. Cameras used by your app are disconnected and will generate an error if the app tries to use them,” the company explained. Idle apps will also not receive events from sensors.

There have also been some changes in app permissions.

“Starting today, an over-the-air update to Android 9 will begin rolling out to Pixel phones. And devices that participated in the Beta program from Sony Mobile, Xiaomi, HMD Global, Oppo, Vivo, OnePlus, and Essential, as well as all qualifying Android One devices, will receive this update by the end of this fall!” Google VP of Engineering Dave Burke shared.