Tech
Android boosting security with Theft Detection Lock, factory reset protection
In addition to Private Space, Android at I/O 2024 is really working to boost the mobile operating system’s theft, security, and privacy protections.
Theft protections
Android’s new protections are split into three tiers, starting with making Android devices less appealing to steal.
Google is upgrading Android’s factory reset protection so that thieves aren’t able to wipe a stolen device (ahead of resale) “without knowing your device or Google account credentials.” Meanwhile, disabling Find My Device or extending screen timeout now requires a PIN/password or biometric authentication.
If a thief knows your PIN (by watching an earlier unlock), Android is now requiring “biometrics for accessing and changing critical Google account and device settings, like changing your PIN, disabling theft protection or accessing Passkeys, from an untrusted location.”
Factory reset protection updates and private space will be released as part of Android 15. Enhanced authentication protections will be released to select devices later this year.
When your phone is stolen, new features like Theft Detection Lock will detect it being taken out of your hand. Google uses sensors and on-device models to lock the devices when somebody “tries to run, bike or drive away.”
Meanwhile, Offline Detection Lock will kick in “if someone steals [your phone] and turns off the internet.” This is to prevent someone from accessing your data.
These two features are rolling out to Android 10+ via a Google Play services update later this year.
Finally, Android is introducing Remote Lock as something faster than Find My Device after your phone is stolen.
…many users are shocked and stressed after a phone goes missing and can’t recall their Google account password to access Find My Device.
Users will be able to lock their phone’s screen with just their “phone number and a quick security challenge.”
This buys you time to recover your account details and access additional helpful options in Find My Device, including sending a full factory reset command to completely wipe the device.
This is rolling out via a Google Play services update later this year.
Security and privacy
Google Play Protect is getting live threat detection to “analyze additional behavioral signals related to the use of sensitive permissions and interactions with other apps and services.” If suspicious behavior, Play Protect will send the app to Google for additional review and “warn users or disable the app if malicious behavior is confirmed.”
Android Private Compute Core is leveraged to do all of this in a privacy-preserving manner. Live threat detection is coming to Pixel, Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion, Sharp and other manufacturers later this year.
Android 15 will hide one-time passwords from notifications to combat spyware and fraud. There are a few exceptions for apps wearable companion clients. OTPs and private notification content will also be hidden when screens sharing. Login — usernames, passwords, and credit card numbers — screens will also be hidden. Google is also expanding the Pixel’s single-app screen sharing.
Finally, Android is getting a “more prominent screen indicator” later this year with a single tap disabling it.
Android 15 is adding new cellular protections, like alerting you if a network connection is unencrypted and “potentially exposing voice and SMS traffic to radio interception.”
These [cellular] features require device OEM integration and compatible hardware. We are working with the Android ecosystem to bring these features to users. We expect OEM adoption to progress over the next couple of years.
FTC: We use income earning auto affiliate links. More.