Android 11 security features and improvements you need to know

[[342213]]

【51CTO.com Quick Translation】Android security has been a roller coaster over the years. From permission issues to malware/ransomware to compromised ROMS, it has encountered it all. Android developers have done a great job keeping a close eye on emerging issues, which is no easy feat. With each release of the platform, they have taken significant steps to improve the security of this mobile operating system.

Android 11 is no exception. Developers have added new features and addressed several pre-existing privacy and security issues. Let’s take a look at some of the bold choices developers made with Android 11.

Temporary and one-time app permissions

App permissions have always been an important part of security in the Android OS. Although Android has made significant improvements on this issue over the past few releases, there is always room for improvement, and that is exactly what the developers have done.

With Android 11, users can now grant certain permissions on a case-by-case basis, “just this time.” This option will appear when an app requests permission to access features like location, microphone, or camera.

If the user grants a one-time permission, the app will have access to the feature until the app is closed; once the app is reopened, the user will have to grant access again. This feature is similar to what's included in iOS 13 and should go a long way toward alleviating an insecurity issue that's been around for some time.

Block permissions

Android 11 introduces a new feature: if the user denies permission twice, it will block the app from requesting permissions. After denying an app permission twice, the user must manually grant the app permission if they want the app to work properly.

Override permissions

Did someone say “permissions”?

A very serious problem on the Android platform is the overlay attack. Overlay attacks are widespread on Android and their purpose is to intercept login information used to access the target application. Overlay attacks forge popular online services and trick users into entering the website's login information.

In Android 11, apps can no longer take users directly to the authentication screen; instead, apps can only send users to this level before granting access to the overlay. Therefore, users must then enable the option. Enabling app access to the overlay is not enough for the app to have the ability to overlay the screen. This extra step could prevent users from randomly granting malware access to their data.

Say goodbye to background location access

With Android 11, apps are no longer allowed to collect information in the background. Apps can only collect information while they are running. This will help prevent privacy issues by giving users control over when apps can collect data.

By November, if an app doesn't meet the requirements, it will be automatically removed from the Google Play Store.

Revoke unused app permissions

This is the final change to the permissions system. If you have an app that you have granted permissions to, but you haven't used the app for a few months, the permissions will be revoked and can only be re-enabled manually.

This feature works on a per-app basis (Figure A) and is not enabled by default, so you'll need to go in manually and enable the feature.

Figure A. Revoking permissions in Android 11.

Partitioned storage is back

Back in Android Q beta 2, developers announced Scoped Storage, adding a new set of rules for how apps are allowed to access storage. This caused so much excitement at the time that the developers decided to put it on hold for a year so that app developers could take steps to ensure their software is compatible with the feature. The time has now come, and Scoped Storage has finally been added to the platform.

Scope storage creates an isolated sandbox for applications, so no additional permissions are required to write files. The biggest appeal of scope storage is that applications cannot directly access the sandbox of any other application, which is expected to greatly enhance the security of the platform.

The caveat with partitioned storage is that it may slightly affect Android performance, and some older apps may not work properly, but the increased privacy and security should make these drawbacks acceptable.

Other security changes in Android 11

• Improvements to the BiometricPrompt API
• Mobile driver's license support
• Secure storage that makes it easier for applications to share data blobs
• Expanding the use of the wiper to several security-focused components
• Improved call screening
• Introducing the GnssAntennaInfo class to improve GPS privacy
• Securely capture audio from USB devices

Original title: Android 11 security features and improvements you need to know, author: Jack Wallen

[Translated by 51CTO. Please indicate the original translator and source as 51CTO.com when reprinting on partner sites]