New Encryption Will Help Secure Your Android Device

October 24, 2018

Written by wukovits

Google is taking additional steps to bolster user privacy and better secure the data of the company’s legions of Android device owners.  The company recently announced a change to the Android Backup Service that will encrypt all user backup data stored on its cloud servers, such that even Google itself can’t read it.

Google has long allowed Android users to back up their app data and phone settings to their Google account so when they upgrade their phones, the process of getting the new device set up is quick and painless.  However, until this recent change, none of the backup data stored was encrypted.

Beginning with Android Pie, the new encryption paradigm will work as follows:

  • Your Android device will generate a random security key that is unknown and invisible to Google
  • The key will be encrypted using your passcode, pattern, or lock screen PIN
  • Once encrypted, the key will be sent (securely) to a Titan security chip on Google’s servers

As Google explained in a recent blog post: “The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user’s passcode.”

All that sounds good in theory, but what about brute force hacking attempts?  The company has an answer for that as well.

Here’s what they had to say about that topic:

“The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip…by design, this means that no one (including Google) can access a user’s backed-up application data without specifically knowing their passcode.”

The company has not specified which Android smartphones will be able to take advantage of the additional layer of security.  All we know at this point is that the device must be running the latest OS (Android 9 – Pie).  We expect to get a comprehensive device list from Google in the near future.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon