Summary
- Google’s new AI-powered security features for Android 15 enhance protection against evolving cyber threats, ensuring a safer digital environment for users.
- Android 15 will limit app permissions, notify users of unsafe cellular connections, and prevent social engineering attacks, bolstering overall security.
- Developers are now required to demonstrate the necessity of broad app access, with updated Play Integrity API providing more insights into app security.
The scale and severity of cyber-attacks are constantly changing, and operating systems need to keep up with evolving threats to safeguard users. As the most popular operating system globally, Android is known for its openness and for allowing practices such as sideloading — an action where users can install applications from sources other than the Google Play Store.
Here’s why you shouldn’t install Android 15 betas on your daily driver
You’ve heard it a million times, and that’s because it’s true; just don’t do it
However, Android’s open nature also allows bad actors to exploit the existing gaps and compromise users’ data. To address this, Google is now leveraging the power of Artificial Intelligence (AI) to reinforce Android security features. This AI-powered protection is designed to adapt and respond to evolving threats, enhancing the overall security of the Android ecosystem. The announcement was made during the 2024 I/O event.
Google’s recent security enhancement to Android 15 is a testament to the company’s user-centric approach. It aligns with the advanced theft protection suite previously added to Android, which could protect users’ valuable information in case of theft. The new security features, however, take this a step further, focusing on fortifying Android 15 and Google Play Services against fraud and scams, thereby ensuring a safer digital environment for users.
Android 15 and Google Play Services get enhanced AI-based security features
Last year, we reported that Google had rolled out an upgraded version of Google Play Protect. At the time, Google said the new feature brings real-time scanning to Android devices to combat malware at the code level. Along the way, Google Play Protect on Android devices has now received a touch of Google AI initiatives to analyze apps’ use of sensitive permissions and suspicious behaviors.
If any suspicious app is detected, it will be sent to Google for further investigation. In addition to Pixel devices, Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion, Sharp, and other manufacturers will also deploy live threat detection later this year.
Google has also enhanced Android 15’s capabilities against fraud and scams with two features. First, Google now hides one-time passwords from notifications to keep them away from prying eyes and spyware. Additionally, the restricted settings page on Android now requires more user approval to enable specific permissions for an app. The feature was already seen for Android 15 under the name Enhanced Confirmation Mode, potentially limiting the permissions sideloaded apps could get.
To prevent users from falling for scammers, Google is developing a new feature for Gemini Nano AI that warns users in real-time if the ongoing conversation has patterns of fraud and scam. The feature is still in the testing phase, but it could soon be widely rolled out to users.
Android 15 will immensely limit the permissions each app can get
Cellular protection on Android 15 is also getting a boost. To do this, Google notifies users of unsafe cellular network connections that might expose their voice and SMS traffic to radio interception. Moreover, Android 15 users will be alert if a potential false cellular base station or surveillance tool records their location. Since such features require OEM integration and compatible hardware, some older Android devices might not be eligible. Google says it’s working with manufacturers to bring these features to users over the next few years.
Moreover, screen sharing on Android 15 will also be limited to prevent social engineering attacks. As Google explains, notifications and one-time passwords are now hidden when a user has shared the screen with an outsider. Additionally, the screen will be hidden when a user enters credentials like usernames, passwords, and credit card numbers. Finally, Google will soon allow you to share only one app’s content rather than your whole screen. The feature is now available on the Pixel but will soon land on other Android devices.
As for the developers, the Play Integrity API has been updated with new in-app signals to close the door on scammers and fraudulent activities. This API now provides developers with more comprehensive insights into their app’s security and integrity. For example, developers can now see if other apps capture the screen, create overlays, or control the device. They can also check if Google Play Protect is active and the device is safe before performing sensitive actions. Finally, developers can check the device’s integrity checks, which could be a sign of an attack.
Starting in August this year, the Play Store will require apps to clearly demonstrate if they need broad access to use the photo or video permissions. The photo picker on Android has also been updated to prevent excessive access to photos and videos on a device. The service has added support for cloud storage services like Google Photos as well as local and cloud search.
Source link
