Secure an Android Device
Secure an Android Device
Android includes the industry's leading security features and works with developers and device developers to ensure the security of the Android platform and ecosystem. A reliable security model is necessary to create a powerful ecosystem of applications and devices built on the Android platform and supported by cloud services. As a result, Android is subject to a strict security program throughout the development lifecycle.
Android was created to be open. Android apps use state-of-the-art hardware and software, as well as local and serviced data provided through the platform, to bring innovation and value to users. To implement this value, the platform offers an application environment that protects the privacy, integrity, and availability of users, data, applications, device, and network.
Maintaining an open security platform requires a strong security architecture and strict security programs. Android is designed with a multi-layer security that is flexible enough to support an open platform, protecting all users of the platform. For information about security problem messages and the update process, See security and resource Updates.
Android is designed for developers. Security controls were designed to reduce the developer workload. Experienced developers can easily work with and rely on flexible security controls. Developers who are less familiar with security are protected by secure default settings.
In addition to providing a stable platform for building, Android provides additional support to developers in a number of ways. The Android security team looks for potential vulnerabilities in apps and suggests ways to solve these problems. For devices with Google play, game services provide security updates for critical software libraries, such as open ones, that are used to enable application interaction. Android security has released a tool for testing SSL (nogotofile), which helps developers find potential security problems on any platform they are developing.
For more information about the developers of applications for Android can be found on developer.android.com.
Android is designed for users. Users have access to and control over the permissions requested by each application. This design includes the expectation that attackers will try to perform common attacks, such as social engineering attacks, to convince device users to install malware and attacks on third-party apps on Android. Android was designed to reduce the likelihood of these attacks and significantly limit the impact of an attack if it was successful. Android security continues to progress after the device is in the user's hands. Android works with partners and the public to provide patches for every Android device that continues to receive security updates.
For more information about the end users can be found in the support center nexus, support the center of the pixel or in the support center of the manufacturer of your device.
This page describes the goals of the Android security program, describes the basics of the Android security architecture, and answers the most pressing questions of system architects and security analysts. It focuses on security features on the main Android platform and does not discuss security issues that are unique to specific apps, such as those related to a browser or SMS app.
The main building blocks of the Android platform are:
Device hardware: Android runs on a wide range of hardware configurations, including mobile phones, tablets, watches, cars, smart TVs, OTT game consoles, and decoders. Android is an agnostic processor, but uses some hardware security features, such as arm-never output. Android operating system: the main operating system is built on the Linux kernel. All device resources, such as camera functions, GPS data, Bluetooth functions, phone functions, and network connections, are available through the operating system. Android apps runtime: Android apps are most often written in the Java programming language and run in the Android runtime (art) environment. However, many applications, including major services and Android apps, are native applications or contain their own libraries. Both artistic and local applications run in the same security environment contained in the application sandbox. Applications get a special part of the file system where they can record personal data, including databases and raw files.
Android apps extend The main Android operating system. There are two main sources for applications:
Pre-installed apps: Android includes a set of pre-installed apps, including phone, email, calendar, web browser, and contacts. They function as user apps and provide key device features that can be accessed by other apps. Pre-installed apps can be part of the open source Android platform or can be developed by the device manufacturer for a specific device. User-installed apps: Android provides an open development environment that supports third-party apps. Google play offers users hundreds of thousands of apps.
Google provides many cloud services available for compatible Android devices with mobile services. Although these services are not part of the Android open source project (AOSP), they are included in many Android devices. For more information about some of these services, see the Android security Overview for 2018.
Google's main security services are:
Google play is a set of services that allow users to find, install, and buy apps on their Android devices or on the Internet. Google play allows developers to easily find Android users and potential customers. The game also offers an overview, an app to check the app's license, antivirus programs, and other intelligence agencies. Android updates: the Android update service provides new features and security updates on selected Android devices, including updates over the Internet or over the air (OTA). App services: platforms that allow Android apps to use cloud features such as data backup and app settings, as well as messages between the cloud and the device (C2DM) to click messages. App scan: warns or automatically blocks the installation of malicious apps and constantly scans apps on your device to warn or remove malicious apps. Security: an intrusion detection system with privacy that helps Google track, mitigate known security threats, and identify new security threats. Security certification: third-party APIs to determine whether a TT device is compatible. Certification also allows you to identify the Android app that interacts with the app server. Android device Manager: web app and Android app to find lost or stolen device.