Date: April 07, 2024
Keeping in mind the recent security issues for mobile apps rooted in inferior development practices, Google has made few changes to its tools to help Android mobile app developers boost the security of their devices.
Recent cryptographical change in android mobile apps’ security will help developers prevent unintended exposure of personal and data to other applications or the OS.
Android Keystore provides app developers with a set of crypto tools for securing data with a key-based system. Developers can use this key to know which application sources are encrypted and how they can be unlocked.
Google’s latest mobile OS, Android Pie will now help developers to protect sensitive information by preventing applications from decoding keys if the user isn’t using the gadget.
The availability of ‘keyguard-bound’ crypto keys to perform data decryption is attached directly to the screen lock state. The keys become unavailable as soon as the screen is locked and is made available when the user logs in to his device.
Google Play researchers said,
“There are times when a mobile application receives data but doesn’t need to immediately access it if the user is not currently using the device. Now when the screen is locked, these keys can be used in encryption or verification operations, but are unavailable for decryption or signing. If the device is currently locked with a PIN, pattern or password, any attempt to use these keys will result in an invalid operation.”
Another new component Secure Key Import shields touchy information from being seen by the application or supporting framework.
An application or OS can send ‘intent’ messages out which can be listened to by other applications without proper access restrictions and permissions put in place.
Another problem revealed at DEFCON, showed that Android developers not following security guidelines for external storage can allow hackers to steal personal information or even access the whole device.
In the last few months, several outcomes for exploiting data leakage came into light. Any extra effort to save the user’s personal data is appreciable.
Arpit is a dreamer, wanderer, and a tech nerd who loves to jot down tech musings and updates. With a logician mind, he is always chasing sunrises and tech advancements while secretly preparing for the robot uprising.
Top 50+ D2C Brands in India That are Disrupting the Market in 2024
Discover the top 50+ D2C brands transforming India's consumer market with innovative products and unparalleled customer experiences in this comprehensive overview.
Snap Introduces Watermarks To Highlight AI-Generated Images
To enhance user experience and safety, Snapchat has introduced an automated watermark that distinguishes AI-generated images from others.
WhatsApp Chat Filters Launched For Improved Management
Meta has introduced chat filters on WhatsApp, redefining the home interface to be more organized and accessible.
Meta’s Oversight Board Actively Reviewing AI-Nudity Reports
Meta’s oversight board has been actively investigating the actions taken on user-raised flags and reports against AI-generated nudity.
