The upcoming version of Google’s Mobile Operating System is known as Android Q and the company has released its first beta version. It boasts to have a lot of new privacy improvements and other security enhancements.
Q of Android Q has not been named yet and it offers more control over installed apps, their access, permissions, and location settings. It will provide more support for passive authentication like face ID, and warnings while installing a new app targeting Android Marshmallow or older.
Let us take a look at the privacy and security features of Android Q:
1) Stop Android Apps from Tracking Your Location in the Background
Android Q provides more control about how an app can use your device location information. At present there is option only to either allow or deny an app access to your device location. It does not matter whether it is being used or running in the background.
With the new version it is possible to choose from three options. Similar to iOS there are options to permit an app to access location “all the time,” “while in use,” which is when the app is in the foreground, or “Deny.”
This new feature will let the users to decide when device location data is provided to an app and prevents an app from getting location data that it does not require.
Google requests those Android developers whose application requires location data when running in the background, to declare the new permission in their app’s manifest file.
2) New Restrictions on Apps’ Access to Device Identifiers
A) Contacts Affinity — With the new version, the operating system will not be keeping track of contacts affinity information, which means that the apps searching for user’s contacts will not be able to do so.
B) Making MAC Address Randomization a Default Feature — MAC address randomization replaces the number which uniquely identifies your device’s wireless hardware with randomly generated values thereby preventing your device from being tracked while you are connected to different Wi-Fi networks. The feature was introduced in Android 6.0 Marshmallow, but with the new version it will become enabled by default. This prevents the app developers, location analytics firms, stores, and others from using MAC addresses to build a history of your device activity.
C) Non-Resettable Device Identifiers — Only those apps with the READ_PRIVILEGED_PHONE_STATE privileged permission will now be able to access your device’s non-resettable identifiers, which includes the phone’s IMEI and serial number.
D) Restricting Access to Clipboard Data — The apps will be restricted from accessing the operating system’s clipboard data. Those pps that are running currently or apps that are the default input method editor, or IME (e.g., default keyboard apps) can access the clipboard data.
E) Removing Access to Device’s Network State — The Q version removes access to the information about a device’s network state. The apps like VPN apps which require access to this information, can refer to the NetworkStatsManager and ConnectivityManager classes.
F) Access to USB serial — The apps will only be able to read the serial number of a USB device after users themselves grant permissions to access the USB device or accessory.
3) Background Apps Can’t Start A New Activity Without User Interaction
There are some new restrictions in the new version which includes preventing apps from launching activities while in the background without user interaction, keeping users more in control of what’s shown on their screen.
In almost all cases, Google has made it mandatory for apps that are in the background to create notifications to provide information to users instead of directly starting an activity.
4) Apps Can’t Change Location and Network Settings
It has been mandatory for apps to have the ACCESS_FINE_LOCATION permission to use several methods within the Wi-Fi, Wi-Fi Aware, or Bluetooth APIs.
So the third-party apps will no longer be able to make changes to your device Wi-Fi (enable or disable); Alternatively, the apps have to prompt users to enable or disable Wi-Fi in the device settings manually.
Performing manual configuration of the list of Wi-Fi networks will now be only restricted to system apps.
5) Scoped Storage to Protect Data Stored by One App from Others
Android Q will give each app an isolated storage sandbox into an external storage device so that no other app can directly access data saved by other apps on your device.
So, the app does not require any special permissions to save and access their own sandboxed files on external storage. But if an app needs to access or modify files that other apps have created, it must first request the appropriate permission.
Google has made Android Q Beta 1 available for anyone with a Google’s Pixel phone, by signing up and installing the beta operating system.
Android Q is expected to be available to all users by the third quarter of this year probably by end of August.