NOVEMBER 10, 2017
There’s plenty to get excited about in Android 8.0: improved auto-fill functionality, picture-in-picture capability, greater notification control, and plenty more. While these features are all-impressive, Android has also included a number of significant security enhancements that you shouldn’t miss.
More secure booting
Android’s Verified Boot feature was introduced in 2013 and has been fine-tuned since. In Oreo, it performs a quick inspection of a device’s software before it starts up.
The Verified Boot functionality prevents the device from starting if it detects that its OS reverted to an older version, which can expose it to security risks resulting from the older version’s vulnerabilities. With this upgrade, any attempts to exploit your device and data can be foiled by a system reboot.
If you’re worried about physical attacks compromising your device’s security, Oreo covers that front by enabling a chip-based feature that fortifies security for Android devices. Integrating chip technology into supported devices’ security system makes tampering and other forms of physical intrusion extremely challenging for hackers, giving users greater protection.
Stricter app permissions
It’s tempting to simply click ‘OK’ whenever downloaded apps request permission to access your data and perform certain functions during installation. Android has limited what apps can actually gain access to your data with the System Alert Window feature.
The system alerts on previous Android OS were supposed to allow apps and programs to interact with the users by sending pop-up boxes and similar elements that usually cover up the device’s entire screen. However, Android developers detected a potential for its abuse. For example, hackers can easily use similar pop-up boxes that purport to be from legitimate apps.
With the new System Alert Window in Oreo, the pop-up boxes have been modified so that they’re easier to dismiss, limiting what malicious apps can do to trick users into clicking them.
Two-factor authentication support
Two-factor verification has become a standard feature in cyber security because it adds a much-needed layer of protection in accessing a password-protected account. It typically works by prompting a user to enter another piece of information in a separate device (e.g., a smartphone) or any physical token, which only the account owner would have.
Android 8.0 integrates a two-step verification that allows the use of a security key, which can easily connect to an Android device. Currently, it works only on apps that support it, but it won’t be long before more apps adopt it as an essential security protocol.
Sandboxing essentially does one crucial thing for security: isolate compromised or problematic areas within a software or system so that they don’t infect the rest of the system.
Android Oreo beefs up its sandboxing capability by deploying a filter that prevents malicious apps from accessing the OS’s command center, thereby limiting their interaction with the system and other safe apps.
These security improvements aren’t the most noticeable features in Android Oreo, but they’re worth paying attention to. If you need to learn more about your systems’ and devices’ security features, get in touch with us today.