Google’s Android Lockdown—Why You Need A New Phone In 12 Weeks – Forbes
When it comes to the Android threat landscape, we’re into the science of big numbers. Google describes “a vibrant ecosystem with billions of users around the globe and millions of helpful apps,” and so it’s little surprise that the number of threats it intercepts and removes is just as large and impressive. But that’s not the real story in Google’s report card for last year. The real story is what’s being done to lock down Android, and why you’ll need a newer model phone in 12 weeks’ time.

Google says its “AI-powered threat detection, stronger privacy policies, supercharged developer tools, new industry-wide alliances, and more” resulted in more than 2 million “policy-violating apps” not making it onto Play Store last year, as well as bans for “more than 158,000 bad developer accounts that attempted to publish harmful apps.” Just as importantly, Google says it “prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data.”

This permission abuse is rife across Google and its efforts to tighten up are to be welcomed. But despite the million-plus apps not getting access to permissions they don’t need, many more did exactly that. Just a week ago I reported on some of the most popular crypto apps on Play Store raising “alarming security and privacy concerns” from their permissions, and late last year on “the 50 popular apps” seemingly having “no limits” on the sensitive permissions requested and then abused. Don’t assume Google’s big numbers mean any of the problems have been solved. At least not yet. This remains work in progress.

The two more notable updates from Google’s blogpost are what’s coming rather than what’s been and gone. 
I’ve already reported on new on-device monitoring to “automatically revoke app permissions for potentially dangerous apps,” which is a huge step in the right direction and should be welcomed by users. As and when you see on-screen alerts suggesting you “uninstall [a]

The other highlight further narrows the gap to iPhone, removing some of the looser restrictions that enabled threats to more easily fester on its ecosystem than Apple’s. “The Play Integrity API,” Google says, “allows developers to check if their apps have been tampered with or are running in potentially compromised environments, helping them to prevent abuse like fraud, bots, cheating, and data theft.” The company also notes that “apps using Play integrity features are seeing 80% lower usage from unverified and untrusted sources on average,” and that “over 91% of app installs on the Google Play Store now use the latest protections of Android 13 or newer.”

Those last two stats are critical. Because Google’s Play Integrity API is changing, and for the 750-million-plus users on Android 12 or older, you may need to go buy a new phone if you can’t run a newer OS to keep your apps functioning as now. Google has confirmed that “we’re changing the technology that powers the Play Integrity API on all devices running Android 13 and above to make it faster, more reliable, and more private for users.” The changes mean the security wrap will now “make greater use of hardware-backed security signals… making it significantly harder and more costly for attackers to bypass.”

Put simply, that means an app can judge the likely security of a device before deciding how to operate. And that judgment will be partly based on the recency of security updates and the OS installed. 
If it’s not Android 13 or newer, “apps with higher security needs, like banking and finance apps, governments, and enterprise apps, more ways to tailor their level of protection for sensitive features, like transferring money.”

Around one-third of Android devices are running Android 12 or older, which means a huge number of users are likely off-support and not keeping their devices secure. With this update, banking and other apps will stop working as now. If these are apps you need, you will also need an OS and maybe even a device upgrade when this Play Store update fully rolls out.

The updated Play Integrity API was made available to developers in December and was made mandatory for new apps. It will be made mandatory across the board in May. That’s just 12 weeks from now. At that point all users need to be running a relatively new device with a relatively new OS. You have been warned.
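
An added example, not from the article or from Google's own code: a server-side sketch of how a banking app might gate a sensitive feature like transferring money on a decoded Play Integrity verdict. The field and label names follow the API's verdict format; the package name, nonce, freshness window and the mapping of labels to decisions are assumptions, and the sample verdicts are constructed.

```python
import time

EXPECTED_PACKAGE = "com.example.bank"  # hypothetical package name
MAX_AGE_MS = 5 * 60 * 1000             # assumed freshness window for a verdict

def decide(verdict, action, expected_nonce, now_ms=None):
    """Map a decoded Play Integrity verdict to 'allow', 'step_up' or 'deny'."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    req = verdict.get("requestDetails", {})
    # Bind the verdict to this app and this request before trusting any label.
    if req.get("requestPackageName") != EXPECTED_PACKAGE:
        return "deny"
    if req.get("nonce") != expected_nonce:
        return "deny"
    try:
        age = now_ms - int(req.get("timestampMillis"))
    except (TypeError, ValueError):
        return "deny"
    if not 0 <= age <= MAX_AGE_MS:
        return "deny"  # stale or future-dated verdict, possibly replayed
    app = verdict.get("appIntegrity", {}).get("appRecognitionVerdict")
    if app != "PLAY_RECOGNIZED":
        return "deny"
    labels = set(verdict.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", []))
    if action == "transfer_money":
        # Sensitive feature: full access only on the strongest device label.
        if "MEETS_STRONG_INTEGRITY" in labels:
            return "allow"
        return "step_up" if "MEETS_DEVICE_INTEGRITY" in labels else "deny"
    # Lower-risk actions (e.g. viewing a balance) accept the ordinary device label.
    return "allow" if "MEETS_DEVICE_INTEGRITY" in labels else "deny"

def sample_verdict(labels, ts_ms, nonce="n-123"):
    """Constructed verdict payload for demonstration; not captured from a device."""
    return {
        "requestDetails": {"requestPackageName": EXPECTED_PACKAGE,
                           "nonce": nonce, "timestampMillis": str(ts_ms)},
        "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED"},
        "deviceIntegrity": {"deviceRecognitionVerdict": labels},
    }

if __name__ == "__main__":
    now = 1_700_000_000_000
    for labels in (["MEETS_DEVICE_INTEGRITY", "MEETS_STRONG_INTEGRITY"],
                   ["MEETS_DEVICE_INTEGRITY"], []):
        print(labels, decide(sample_verdict(labels, now), "transfer_money", "n-123", now))
```

A device that earns only the ordinary label gets a step-up check rather than a hard block, which is one way to "tailor" protection without locking the user out of the whole app.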