Whether you are an everyday user or a tech expert, fears about privacy violations can keep you up at night. According to statistics, 88% of mobile phones sold in the second quarter of 2018 were running Android. So it is important to know what steps platforms such as Android are taking to provide stronger privacy assurances. What are they doing to play better defense?
This year at Android Dev Summit 2018, Google showcased new privacy features and guidance for Android apps.
You can watch the video here: Best practices for building privacy-friendly apps (Android Dev Summit '18)
There are three major points to consider when focusing on privacy in Android apps:
- How apps access user data.
- The degree of user control over the data being accessed.
- Transparency regarding why this data is required and how it is being used.
What is Android (Google) doing to boost user confidence?
Google takes a multi-layer approach to privacy, with several initiatives aimed at stopping privacy abuse by apps distributed through Google Play.
- Platform Updates: Each Android release tightens the platform APIs and permission model so that sensitive data can only be reached in the intended way, closing privacy loopholes and steering apps towards the least-privileged option.
- Google Play Policy: An app uploaded to the Play Store must respect the policies defined by Google Play. These policies enforce key elements that contribute to privacy, such as the app not being used for gambling, illegal activities, malicious behavior, etc. Read more about it here.
- Anti-Abuse Classifiers: Google uses machine learning (ML) to scan apps, both when they are submitted and once they are live, for behavior that abuses user privacy. These classifiers flag apps whose behavior resembles known malware or privacy abuse so they can be reviewed before they reach many users.
- Human Reviewers @ Google: ML flags candidates every day, but a dedicated team at Google evaluates them, identifies the root cause, and helps mitigate the vulnerabilities found.
- Vulnerability Reward Programs: Google invests heavily in security reward programs that work with researchers around the globe. In 2017, Google received over 450 qualifying reports and paid out $1.1 million in rewards for that vigilance.
What can YOU do as a dev?
As developers we have the privilege of working with the Android platform APIs. We need to make sure we stand behind and promote proper privacy practices when developing apps. It is as simple as that.
The question a developer should always ask is: "Do we really need this data?" Much of the data apps collect is gathered for analytics and then never used, while the privacy cost to the user remains.
Let's look at some of this data:
- IMEI number: a hardware identifier that survives reinstalls and factory resets, so it identifies the device (and in practice the user) permanently.
- Installed apps: the list of apps the user has installed, which profiles their interests, health, finances and more.
- User location: where the user is when the app is opened.
- Network information: the name (SSID) of the Wi-Fi network the user is connected to, the network type, signal strength, etc.
Good news: each of these less privacy-friendly options has a more privacy-friendly alternative:
- Replace the IMEI and other hardware identifiers with an app-scoped Instance ID or, for advertising use cases, the user-resettable Google advertising ID.
- Replace the READ_SMS permission with the SMS Retriever API from Google Play services, which delivers only the one verification message addressed to your app.
- Replace ACCESS_FINE_LOCATION with ACCESS_COARSE_LOCATION when city-level accuracy is enough.
- Replace the READ_PHONE_STATE permission with audio focus as the in-call signal: an incoming call takes audio focus away from your app, which is all a media app needs to know, and it requires no permission.
Before collecting any personal information that may be sensitive to the user, such as a home address or passwords, a clear disclosure of what information will be asked for and why is mandatory under Play policy.
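As an added example (my code, not code from the talk or this post), here are three of the substitutions above in Kotlin: coarse instead of fine location, the SMS Retriever API instead of READ_SMS, and audio-focus loss instead of READ_PHONE_STATE as the "call in progress" signal. It assumes an Activity named PrivacyFriendlyActivity, minSdk 26 (for AudioFocusRequest), the play-services-auth and play-services-location libraries on the classpath, and the hypothetical app hooks useApproximateLocation, verifyCode, showManualCodeEntry, pausePlayback and resumePlayback, which you would wire to your own UI and player.

```kotlin
// Added example, not from the talk or the post. Hypothetical names are marked below.
import android.Manifest
import android.content.BroadcastReceiver
import android.content.Context
import android.content.Intent
import android.content.IntentFilter
import android.content.pm.PackageManager
import android.media.AudioAttributes
import android.media.AudioFocusRequest
import android.media.AudioManager
import androidx.appcompat.app.AppCompatActivity
import androidx.core.app.ActivityCompat
import androidx.core.content.ContextCompat
import com.google.android.gms.auth.api.phone.SmsRetriever
import com.google.android.gms.common.api.CommonStatusCodes
import com.google.android.gms.common.api.Status
import com.google.android.gms.location.LocationServices

class PrivacyFriendlyActivity : AppCompatActivity() {

    // 1. ACCESS_COARSE_LOCATION instead of ACCESS_FINE_LOCATION: city-level accuracy is
    //    enough for most features, and the permission dialog tells the user it is approximate.
    fun requestCoarseLocation() {
        val permission = Manifest.permission.ACCESS_COARSE_LOCATION
        if (ContextCompat.checkSelfPermission(this, permission) != PackageManager.PERMISSION_GRANTED) {
            ActivityCompat.requestPermissions(this, arrayOf(permission), REQ_COARSE)
            return
        }
        LocationServices.getFusedLocationProviderClient(this).lastLocation
            .addOnSuccessListener { location ->
                // null when no fix is cached: degrade gracefully, do not escalate to fine location.
                if (location != null) useApproximateLocation(location.latitude, location.longitude)
            }
    }

    // 2. SMS Retriever instead of READ_SMS: the app never reads the inbox; Play services
    //    hands it only the one message that carries the app's 11-character hash.
    private var smsReceiverRegistered = false
    private val smsReceiver = object : BroadcastReceiver() {
        override fun onReceive(context: Context, intent: Intent) {
            if (intent.action != SmsRetriever.SMS_RETRIEVED_ACTION) return
            val extras = intent.extras ?: return
            val status = extras.get(SmsRetriever.EXTRA_STATUS) as? Status ?: return
            when (status.statusCode) {
                CommonStatusCodes.SUCCESS -> {
                    val message = extras.getString(SmsRetriever.EXTRA_SMS_MESSAGE) ?: return
                    // The code format is your server's contract; a 6-digit code is assumed here.
                    Regex("\\b(\\d{6})\\b").find(message)?.groupValues?.get(1)?.let { verifyCode(it) }
                }
                CommonStatusCodes.TIMEOUT -> showManualCodeEntry() // 5-minute window expired
            }
        }
    }

    fun startSmsRetriever() {
        registerReceiver(smsReceiver, IntentFilter(SmsRetriever.SMS_RETRIEVED_ACTION))
        smsReceiverRegistered = true
        SmsRetriever.getClient(this).startSmsRetriever()
    }

    // 3. Audio focus instead of READ_PHONE_STATE: an incoming call takes audio focus from
    //    us, which is the only thing a media app needs to know, and it needs no permission.
    private val focusListener = AudioManager.OnAudioFocusChangeListener { change ->
        when (change) {
            AudioManager.AUDIOFOCUS_LOSS_TRANSIENT, AudioManager.AUDIOFOCUS_LOSS -> pausePlayback()
            AudioManager.AUDIOFOCUS_GAIN -> resumePlayback()
        }
    }

    fun requestAudioFocus(): Boolean {
        val audioManager = getSystemService(Context.AUDIO_SERVICE) as AudioManager
        val request = AudioFocusRequest.Builder(AudioManager.AUDIOFOCUS_GAIN)
            .setAudioAttributes(AudioAttributes.Builder().setUsage(AudioAttributes.USAGE_MEDIA).build())
            .setOnAudioFocusChangeListener(focusListener)
            .build()
        return audioManager.requestAudioFocus(request) == AudioManager.AUDIOFOCUS_REQUEST_GRANTED
    }

    override fun onDestroy() {
        if (smsReceiverRegistered) unregisterReceiver(smsReceiver) // do not leak the receiver
        super.onDestroy()
    }

    // Hypothetical app hooks (not platform APIs); wire these to your own UI and player.
    private fun useApproximateLocation(lat: Double, lon: Double) = Unit
    private fun verifyCode(code: String) = Unit
    private fun showManualCodeEntry() = Unit
    private fun pausePlayback() = Unit
    private fun resumePlayback() = Unit

    private companion object { const val REQ_COARSE = 1 }
}
```

Note that none of the three paths needs READ_SMS, ACCESS_FINE_LOCATION or READ_PHONE_STATE in the manifest, so the permission prompts the user sees shrink to a single "approximate location" request.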
Recent Changes in Android OS
As Google introduces new APIs to interact with the Android platform, it reinforces its commitment to privacy. In the Android 9 release, for example, these changes surfaced:
- The Call Log permissions were split out of the Phone permission group into their own CALL_LOG group. This makes users more aware of which apps want to read their call logs.
- In Android 8.0, the Build.SERIAL static field was deprecated. Use Build.getSerial() instead, which is gated behind the READ_PHONE_STATE permission and throws a SecurityException without it. Using the serial for advertising is a Play Store policy violation.
- Android apps running in the background no longer have access to hardware such as the camera, microphone and sensors.
(Note: if you need any of these, the app must be in the foreground or run a foreground service; the foreground service's persistent notification is the visual aid that tells the user these resources are in use.)
- Contact interaction data is no longer available through the Android Contacts API; the fields that exposed it were removed.
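As an added example (my code, not from the post), the two Android 9 changes a media or recording app actually has to handle: reading the device serial only behind the permission gate, with a SecurityException fallback, and recording audio from a foreground service whose notification is the user-visible signal. It assumes RECORD_AUDIO has already been granted, the FOREGROUND_SERVICE permission is declared in the manifest (required on Android 9), minSdk 26, and a hypothetical RecorderService that your app declares in its manifest.

```kotlin
// Added example, not from the post. RecorderService is hypothetical; the platform calls are real.
import android.Manifest
import android.app.Notification
import android.app.NotificationChannel
import android.app.NotificationManager
import android.app.Service
import android.content.Context
import android.content.Intent
import android.content.pm.PackageManager
import android.media.MediaRecorder
import android.os.IBinder
import androidx.core.app.NotificationCompat
import androidx.core.content.ContextCompat
import java.io.File
import java.util.UUID

// Preferred identifier: random, app-scoped, gone when the app is uninstalled.
fun installId(context: Context): String {
    val prefs = context.getSharedPreferences("ids", Context.MODE_PRIVATE)
    return prefs.getString("install_id", null) ?: UUID.randomUUID().toString().also {
        prefs.edit().putString("install_id", it).apply()
    }
}

// Build.SERIAL is deprecated; Build.getSerial() is gated behind READ_PHONE_STATE and
// throws SecurityException otherwise. Returns null rather than crashing or prompting
// for a permission the feature does not justify. (Android 10+ restricts it further.)
fun hardwareSerialOrNull(context: Context): String? {
    val granted = ContextCompat.checkSelfPermission(context, Manifest.permission.READ_PHONE_STATE) ==
        PackageManager.PERMISSION_GRANTED
    if (!granted) return null
    return try { android.os.Build.getSerial() } catch (e: SecurityException) { null }
}

// Background mic access is blocked on Android 9, so recording runs in a foreground service.
// startForeground() must be called promptly after start, and its notification stays visible
// for as long as the microphone is in use.
class RecorderService : Service() {
    private var recorder: MediaRecorder? = null

    override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
        startForeground(NOTIFICATION_ID, buildNotification())
        recorder = MediaRecorder().apply {
            setAudioSource(MediaRecorder.AudioSource.MIC)
            setOutputFormat(MediaRecorder.OutputFormat.MPEG_4)
            setAudioEncoder(MediaRecorder.AudioEncoder.AAC)
            setOutputFile(File(cacheDir, "note.m4a").absolutePath)
            prepare()
            start()
        }
        return START_NOT_STICKY
    }

    override fun onDestroy() {
        recorder?.run { stop(); release() }
        recorder = null
        stopForeground(true) // removes the notification together with mic use
        super.onDestroy()
    }

    override fun onBind(intent: Intent?): IBinder? = null

    private fun buildNotification(): Notification {
        val manager = getSystemService(NotificationManager::class.java)
        manager.createNotificationChannel(
            NotificationChannel(CHANNEL_ID, "Recording", NotificationManager.IMPORTANCE_LOW)
        )
        return NotificationCompat.Builder(this, CHANNEL_ID)
            .setContentTitle("Recording audio")
            .setContentText("The microphone is in use")
            .setSmallIcon(android.R.drawable.ic_btn_speak_now)
            .setOngoing(true)
            .build()
    }

    companion object {
        const val CHANNEL_ID = "recording"
        const val NOTIFICATION_ID = 42
    }
}

// Caller side: on Android 8+ a service that will run in the foreground must be started
// with startForegroundService(); the system kills it if startForeground() is not called soon after.
fun startRecording(context: Context) {
    ContextCompat.startForegroundService(context, Intent(context, RecorderService::class.java))
}

fun stopRecording(context: Context) {
    context.stopService(Intent(context, RecorderService::class.java))
}
```

The point of installId next to hardwareSerialOrNull is that most apps never need the second function at all: an app-scoped random ID serves analytics and crash grouping without tying the data to a permanent hardware identifier.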
I really believe that we don’t have to make a trade-off between security and privacy. I think technology gives us the ability to have both. — John Poindexter
Google evolves its APIs every year to prioritize user privacy. It is up to us as developers to make correct use of this technology and deliver the peace of mind a user assumes (and expects) when using an app.