ktsdesign - Fotolia
Google announces security features for Android
Google announces better app permission controls and other Android security changes at its Google I/O developer conference
Google has announced several new security features for its Android mobile operating system at its annual Google I/O developer conference in San Francisco.
First, Google has introduced Smart Lock Passwords, a feature which enables Android devices to store usernames and passwords for apps.
This means Android users will only have to remember a single password. As a result, usernames and passwords for apps can be longer and more complex to be more secure.
"By integrating Smart Lock for Passwords into your Android app, you can automatically sign users into your app using the credentials they have saved," Google said in a developer's guide.
Smart Lock is part of Google’s new Identity Platform and will be included in Google Play Services 7.5, which means it will be available as an automatic update for devices running Android 2.3 or higher.
Smart Lock will be immediately available for a handful of apps, including Netflix and LinkedIn, but developers are likely to add support for all other apps in time.
Google also announced that Android M, the latest build of its mobile operating system, will be the first version to work with fingerprint sensors, which means Android users will be able to join Apple users in using fingerprint authentication to unlock devices.
Android apps will also be able to make use of fingerprint scans in apps to do things like authorise purchases.
Android M will also include finer controls for users to choose what permissions apps have to access and collect data.
Read more about Android security
- The rapid growth of new Android malware calls for automated tools to help malware analysts
- Apps repackaged through reverse engineering pose a big security risk to the Android smartphone operating system
- Android users advised to upgrade to latest version of OS as Google stops security updates for version 4.3 and earlier
The mobile operating system is designed to enable users to choose what data to allow third-party apps on an ongoing basis instead of live with the default permissions accepted at installation.
The post-installation controls for app permissions is probably the most significant development in making Android more secure as fingerprint authentication is arguably still not fool-proof, and some users may not be comfortable in entrusting Google to look after all their passwords.
However, users concerned about privacy can still opt for a third-party password manager such as Dashlane, which works with Google’s fingerprint and confirm credential application programming interfaces, reports BGR.com.
This means users will need to authenticate only to the Dashlane app using a fingerprint scan to be able to log into any app without typing in a password.
But fingerprint unlocking is unlikely to be the method of choice for the privacy-conscious, especially in the US, where a court has ruled that fingerprints are not covered by the 5th Amendment of the US Constitution, reports The Register.
This means US authorities can force people to unlock devices using a fingerprint in a way they cannot with a password because the 5th Amendment protects US citizens from self-incrimination.
Android M is available immediately for developers, but the full release is expected only in the last three months of 2015.