Google launched Android 10 last night for all Pixel phones. The update brings some ingenious features such as dark mode throughout the system, a new gesture navigation system and intelligent responses in notifications. But the release really focuses on privacy and security updates; Let’s take a closer look at what’s under the hood.
Before Android 10, you could only choose to allow individual applications to track your location all the time or never. Starting with this version, you can allow an application to track your location only when the application is in use. Applications will also have to explicitly ask if they need access to the background location.
Google has followed Apple’s implementation and for good reason. The iPhone manufacturer increased the bet by presenting the “Allow once” option this year with iOS 13 for applications that need access to the location for unique authentication. I really hope Android implements this as an update or includes it in the next version.
The new changes indicate that applications looking for networks using location data will have better intrusion protection.
Protection against device tracking.
With Android 10, applications cannot access confidential device information, such as the device’s IMEI and serial number. In addition, the new version of Android randomizes its MAC address by default when a device is connected to Wi-Fi.
This effectively prevents applications from transmitting confidential identification information about your device to remote servers, and reduces the chances of bad actors spying on it.
Limit application access to external storage
Google is also limiting the access of applications to their own folders in the storage of their device. That means that an application cannot access other folders stored on its SD card. You can still access media resources such as photos and videos through a secure shared implementation.
Android 10 also prevents applications from starting activities in the foreground and jumping in front of the queue. Instead, it will force the application to run in the background or will only show relevant notifications.
There are a lot of new privacy changes that restrict access to camera metadata and enable or disable Wi-Fi. You can see all the changes here.
Android 10 also offers a privacy screen dedicated to settings where you can manage your permissions, activity controls and ad settings.
On the company side, Android 10 will allow IT administrators to freeze updates for 90 days and push them manually to send them in the form of a consolidated file if any customization is necessary. In addition, administrators can avoid installing applications from unknown sources when an employee uses a work profile. To increase security, applications can ask users to create a more secure screen lock password if the requirements are not met.
Device specific security measures
As of Android 10, phone manufacturers must encrypt data on the device using Google’s new Adiantum encryption method. That will ensure that hackers cannot read on their devices. The update also implements stronger security protocols such as TLS 1.3 for greater security when accessing the Internet.
The search giant has also made changes to the biometric API that allows applications and services to use face and fingerprint authentication to make it more robust and secure.
The Google security team says it is working on a system to integrate electronic identification into a device, so you can use your phone as an identification, just as you would with your driver’s license. However, we could see that in a later version of Android.
You can check the security features of Android 10 here.
Last year, we have seen several security incidents related to Android devices. While these changes may not make them the safest devices, it will make things difficult for hackers looking to enter their devices.