Each new version of the Android OS brings improvements to almost every aspect from the design, features, APIs, and more. At Google I/O earlier this month we learned about all the improvements that Android Q is going to bring, and of course, new privacy and security announcements were not left out from the conference. The platform security is one of the most important aspects of an OS, particularly for an OS that we bring everywhere with us in our pockets. If Android wasn’t secure, we wouldn’t trust it with half as many functions as we do. NFC payments would be out of the question, file sharing would be dubious at best, and connecting to other devices would be downright madness. In spite of the long-standing issue of version fragmentation, Google has done extremely well to keep the number of security issues to a minimum.
Being one of the most basic security methods, it’s important that every device supports strong encryption. Many OEMs these days ship their devices with dedicated encryption hardware. While this is beneficial, it’s also expensive. As such, dedicated hardware has typically been restricted for mid to high tier devices. This is not to say that low-end devices cannot support encryption, but without hardware accelerated encryption the overall user experience is degraded because of slow read/write times. That’s where Adiantum comes in.
In February, Google announced Adiantum as an alternative encryption algorithm for lower-end phones that don’t support regular AES instruction sets. Adiantum is specifically designed to run without any dedicated hardware. It serves as a lighter alternative to Android’s regular AES encryption. Google’s benchmarks tell us that it’s actually 5x faster than AES, with the downside being that it slightly compromises on security. This makes it the ideal candidate for lower-end phones, such as those powered by Android Go Edition. Adiantum is also for products like smartwatches and a variety of Internet of Things devices.
Up until now, Adiantum was optional; manufacturers could enable it on devices launching with Android Pie, but it was not the default encryption algorithm. Now, Adiantum is included natively as part of Android Q. This means that all devices launching with Q will be required to encrypt user data, with no exceptions. As a result, devices launching with Android Q are guaranteed to have storage encryption, be it via Adiantum or not.
Jetpack Security Library
Jetpack is a set of Android support libraries, and one of the newest additions is in alpha: the Jetpack Security Library. The library simplifies the process of securing your application by handling things like the management of hardware-backed keystores and generating and validating keys.
Project Mainline in Android Q
Project Mainline is a major undertaking by Google to reduce the fragmentation of certain system modules and apps. Google will control updates for about 12 system components via the Play Store. We’ve talked about Project Mainline in-depth in a previous article if you’re interested in reading more.
Security has always been a core part of Android’s development. Google has done an impressive job of keeping Android up-to-date with the latest security features, as well as making some innovations of its own. They’re continuing this development process with Android Q, packing it full of security features which are made to make sure your data is safer than ever before.