Android 15 remains to be below improvement, however on Friday, February 16, Google launched the primary Developer Preview of the upcoming working system. The tech large stated that the brand new Android software program will largely concentrate on safety, and a brand new report claims to have discovered three new methods it is going to make your smartphone and your delicate information safer. According to it, Android 15 will have the ability to higher shield the notifications that come up from two-factor authentications (2FA) so {that a} malicious app or malware can not entry it to steal consumer information.
According to a report by Android Authority’s Mishaal Rahman, Android 15 might be implementing new methods to cowl the gaps left behind by its predecessors. Currently, most two-factor authentication strategies for social media profiles, emails, and banking apps use SMS to ship a one-time password (OTP). However, there’s a threat if a malicious third-party app can learn this notification and use it to hack into delicate information or get into your banking apps and steal cash.
To scale back the danger, Google has already begun inserting strings of codes within the present version of the OS. The report discovered a line of code within the Android 14 QPR3 Beta 1 replace that mentions a brand new permission named RECEIVE_SENSITIVE_NOTIFICATIONS. This permission comes with a better safety degree and might solely be given to apps that Google personally verifies. The actual function of this permission isn’t recognized however given its naming, it seems to take care of a particular class of notifications that won’t be accessible for third-party apps to learn.
The report highlights that it’s doubtless geared toward 2FA-related notifications. The perception comes from a separate string of code discovered by Rahman, which factors to an under-development platform function, to which the permission is tied. The function is called NotificationListenerService and it’s an API that lets apps learn or take motion on notifications. A common use case can be what number of apps ask for entry to notifications to auto-fill OTP when creating a brand new account. However, as soon as this API turns into lively (it is not within the Android 14 construct), this may get tougher.
This API would require the consumer to enter Settings after which manually grant permission to apps earlier than they are often turned lively, the report highlights. Such stringent measures are doubtless for two-factor authentication. However, even within the second case, it can’t be stated for certain.
Rahman discovered a 3rd trace that doubtless ties all of the developments collectively. A brand new flag was seen within the codes labelled OTP_REDACTION. It redacts OTP notifications on the lock display of the smartphone. Google presently doesn’t use this flag, however the report suggests it may be made lively with Android 15. All three separate developments level in the direction of defending OTP notifications from third-party apps, which makes it doubtless that the tech large will use these to guard monetary and different vital apps that will comprise delicate info.