Home / Technology / Google sum Android 6.0 requirements: Disk encryption by default …

Google sum Android 6.0 requirements: Disk encryption by default …

Google has updated a Compatibility Definition request for Android 6.0, that radically tells phone and inscription makers what they need to scrupulously run a company’s latest and biggest handling system. There are during slightest 3 highlights worth pointing out: Android 6.0 requires that manufacturers capacitate full-disk encryption by default, what accurately fingerprint sensors require, and Doze mode can't be modified.

Google unveiled Android Marshmallow during a I/O 2015 discussion in May. After 3 developer previews, Google launched a Nexus 5X and a Nexus 6P, that are powered by a new OS out of a box. Now a association has common what companies need to keep in mind if they wish to do a same.

First and foremost, full hoop encryption is now mandatory. There is some critical story here: Google not usually enabled encryption by default on a Nexus 6 and Nexus 9, yet with Android 5.0 Lollipop even compulsory it for other devices. The association afterwards backpedaled and motionless to “strongly recommend” encryption, yet it betrothed to change that to a requirement in destiny versions of Android.

Apparently “future versions” means Android 6.0:

For device implementations ancillary full-disk encryption and with Advanced Encryption Standard (AES) crypto opening above 50MiB/sec, a full-disk encryption MUST be enabled by default during a time a user has finished a out-of-box setup experience. If a device doing is already launched on an progressing Android chronicle with full-disk encryption infirm by default, such a device can't accommodate a requirement by a complement program refurbish and so MAY be exempted.

That second judgment means this is unequivocally only germane to new devices, given aside from a Nexus 6 and Nexus 9, roughly no Android device launched with encryption by default. A lockscreen is still not required, yet if a user decides to start regulating one, this change means it is now no longer required to re-encrypt a whole disk.

The new Nexus inclination have fingerprint sensors, and so we can design that some-more and some-more Android inclination will as well. While many flagships already support fingerprint authentication, it was adult to OEMs to exercise a feature. As of Android 6.0, a handling complement can hoop it. You can use your fingerprint to clear your device, sanction exchange in a Google Play store, pointer into third-party apps, and check out with Android Pay.

The manners for implementing fingerprint sensors are as follows.

If a device doing includes a fingerprint sensor and has a analogous API for third-party developers, it:

  • MUST announce support for a android.hardware.fingerprint feature.
  • MUST entirely exercise a analogous API as described in a Android SDK support [Resources, 95] .
  • MUST have a fake acceptance rate not aloft than 0.002%.
  • Is STRONGLY RECOMMENDED to have a fake rejecting rate not aloft than 10%, and a latency from when a fingerprint sensor is overwhelmed until a shade is unbarred next 1 second, for 1 enrolled finger.
  • MUST rate extent attempts for during slightest 30 seconds after 5 fake trials for fingerprint verification.
  • MUST have a hardware-backed keystore implementation, and perform a fingerprint relating in a Trusted Execution Environment (TEE) or on a chip with a secure channel to a TEE.
  • MUST have all identifiable fingerprint information encrypted and cryptographically real such that they can't be acquired, review or altered outward of a Trusted Execution Environment (TEE) as documented in a doing discipline on a Android Open Source Project site [Resources, 96] .
  • MUST forestall adding a fingerprint though initial substantiating a sequence of trust by carrying a user endorse existent or supplement a new device credential (PIN/pattern/password) regulating a TEE as implemented in a Android Open Source project.
  • MUST NOT capacitate 3rd-party applications to heed between particular fingerprints.
  • MUST respect a DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT flag.
  • MUST, when upgraded from a chronicle progressing than Android 6.0, have a fingerprint information firmly migrated to accommodate a above mandate or removed.
  • SHOULD use a Android Fingerprint idol supposing in a Android Open Source Project.

Device makers have to follow these mandate to safeguard fingerprint sensors work with Marshmallow and any apps that use a APIs. How accurately this will impact phones and tablets that ascent to Android 6.0 stays to be seen, yet it shouldn’t take some-more than re-scanning your fingerprint.

Last yet not least, Doze mode is meant to make your device use fewer resources when left unattended: It automatically goes into a low nap state to preserve power. That said, even if we forget to block in your phone before bed, your phone’s alarm time will still ring (assuming your battery doesn’t totally run out). App Standby puts your seldom-used apps into a reduced activity state to preserve battery for a apps we use some-more frequently.

Google isn’t vouchsafing companies disaster with either:

All apps exempted from App Standby and/or Doze mode MUST be done manifest to a finish user. Further, a triggering, maintenance, wakeup algorithms and a use of Global complement settings of these power-saving modes MUST not deviating from a Android Open Source Project.

It’s good that Google is interlude device makers from screwing around with Marshmallow’s energy government improvements. How app developers will try to by-pass them, however, stays to be seen.

If that wasn’t adequate for you, check out a full 74-page request right here: Compatibility Definition (PDF).

More information:

Powered by VBProfiles

Article source: http://venturebeat.com/2015/10/19/google-details-android-6-0-requirements-disk-encryption-by-default-fingerprint-sensors-and-doze/

Scroll To Top