0
Please log in or register to do it.

Android 15 is still in development, but on Friday, February 16, Google released the first developer preview of the upcoming operating system. The tech giant said its new Android software will primarily focus on security, and a new report claims it has discovered three new ways to make smartphones and sensitive data more secure. According to this, Android 15 will be able to better protect notifications resulting from two-factor authentication (2FA) to ensure that malicious apps or malware cannot access user data to steal it.

According to a report by Android Authority’s Mishaal Rahman, Android 15 will implement new methods to fill in the gaps left by previous versions. Currently, most two-step verification methods for social media profiles, email, and banking apps use SMS to send a one-time password (OTP). However, there is a risk that malicious third-party apps can read these notifications and use them to hack your sensitive data or break into your banking app to steal your money.

To reduce the risk, Google has already started placing code strings into current versions of the OS. The report found a line of code in the Android 14 QPR3 beta 1 update that mentions a new permission called RECEIVE_SENSITIVE_NOTIFICATIONS. This permission comes with a higher level of protection and can only be granted to apps that Google has personally verified. The exact role of this permission is unknown, but the name suggests it handles a special category of notifications that third-party apps can’t read.

The report highlights that 2FA-related notifications are likely to be targeted. This belief stems from separate code strings Rahman discovered that point to under-development platform features whose permissions are tied up. The name of this function is NotificationListenerService and it is an API that allows apps to read or take action on notifications. A common use case is the number of apps requesting access to notifications to autofill OTP when creating a new account. However, once this API is enabled (it’s not in Android 14 builds), it becomes more difficult.

The report highlighted that using this API requires users to enter settings and then manually grant permission to the app before activating it. These strict measures will likely apply to two-factor authentication. But even in the second case, we can’t say for sure.

Rahman discovered a third hint that likely ties all the developments together. A new flag has appeared in the code called OTP_REDACTION. Modify the OTP notification on the smartphone lock screen. Google doesn’t currently use this flag, but reports suggest it could be enabled in Android 15. All three separate developments point towards securing OTP notifications from third-party apps, which makes it likely that the tech giants will use them to protect their finances. Other sensitive apps that may contain sensitive information.

Affiliate links may be generated automatically. Please see our Ethics Statement for more information.

First TV debate on medical school expansion… “We cannot delay the increase in troops” vs. “Essential medical care
The first TV debate between the Ministry of Health and Welfare and the medical community… Differences in opinion on whether there is a shortage of doctors

Reactions

0
0
0
0
0
0
Already reacted for this post.

Reactions

Your email address will not be published. Required fields are marked *