In an attempt to heighten the security features in the Android OS, Google Inc. (NASDAQ:GOOGL) is reportedly offering data encryption in its upcoming Android platform – Android L, by default. Simply put, only someone with decryption keys can decrypt the available data which may include photos, text and other media communication. With encryption enabled out of box, it will give a tough time to law-enforcement to access data on the smartphones even with a legally binding valid warrant. Until and unless the user’s pass code is available, no one will be able to access any private data. It has been hailed as a positive feature amongst the general mass; however, it has raised eyebrows in the security agencies who may object due to security concerns.
Weak security measures of Android were long under scrutiny
Dating back to devices prior Android 4.4 which were found vulnerable to Adobe System web-view privilege escalation, malwares have been known to impersonate various trusted Android apps and potentially hijack your phone. The Bluebox Security research team, Bluebox Labs, recently discovered a new vulnerability in Android. It allows these identities to be duplicated and can be used for wrong motives. Researchers at Columbia University School of Engineering and Applied Science have recently discovered a crucial security problem in Google Play – the official Android app store.
With their tool PlayDrone they were able to extract secret keys, including that of Facebook and LinkedIn. With their security measures under question, Google was looking to answer them with complete protection.
Kept optional for 3 years, it’s now automatic
Though Google has been providing data encryption capability since past three years, it had been kept optional. Google’s spokesperson Niki Christoff told media that keys/passcodes are not stored online or anywhere off your device, so Google has no way to share them. It is, however, widely accepted that majority of the users were unaware of this option. Hence, now users don’t even have to bother about turning it on, with default settings in place.
Google’s reportedly attempt to boost data privacy behind the ramparts of upcoming Android L is seen as an attempt to come at par with its rival Apple Inc. (NASDAQ:AAPL), who has recently announced data encryption feature with the newly launched iPhone 6. Market is anyhow elated with the decision of these two software giants who seem to have accepted the need to protect the security of data, applications, the device and data on a wider scale.
Data privacy may turn out to be a one way advantage
It is definitely not a completely win-win since this new feature has come with its own drawbacks. Too much dependability on the passcode implies that once you lose the passcode, OEM too will be helpless in retrieving the data. Security agencies’ concerns can’t be overlooked with apprehensions that anti-society elements may find this new feature quiet favorable. Even when confiscated, the legal authorities will find themselves making shots in blank air. On a personal level, none of the changes made can be undone once encryption is done. The only solution that will remain will be restoration of all the factory settings which eventually will clear all alterations that were made initially. Battery drain is another problem which still needs to be resolved. Processing speed and storage too is bound to be affected along with computational resources.
The user base may increase with this new technology shift
Androids smartphone market share is already around 84% with 255.3 million Android powered smartphones being shipped in Q2 2014, resulting in a 33% yearly growth. With the new Android L, this user bases my see a gradual increase due to the enhanced security feature. Apple, though shares a better market profit, its user base still lags behind Android more because it is known to cater high-end smartphone users having deep pockets. This is unlike Android which finds its majority of users in the developing countries in the Middle East, South East Asia etc.
Updating older versions will remain a tough task
Though both iOS 8 and Android latest “L- release” have tightened their security measures, Android still lags on the front to reach to its existing users. The user base of Apple is already known to be quite loyal when compared to Android. This may take several months before most of the Android based smartphones have this fully-encrypted feature updated on their phone. This is reasonable since Android is a mobile platform that was designed to be truly open. Manufacture worldwide use this platform with their devices being sold by a whole range of different cellular carriers. For so many available versions of Android, even years old, to be updated with this feature will bring Google nightmares if it wants all its versions to come at pace with this new technology. This problem, known among experts as fragmentation, has been discussed previously. This is unlike Apple which has control over both its hardware and software. When users will update their iPhones or iPads, including the old ones, the new iOS 8, they can automatically avail this facility of full encryption. It hence seems that Android has to wait before it can actually claim that its new security feature has reached all its users.
