Google has laid down several regulations for implementing Android v6.0 Marshmallow in its bid to improve the security of Android devices. The “Compatibility Definition” document for Android 6.0 includes guidelines that mandate OEMs to provide secure factory reset feature, enabling full disk encryption and identify support for high fidelity sensors.
In the document, Google has made it mandatory for device manufacturers to provide a factory reset feature in devices running Android Marshmallow. “Devices MUST provide users with a mechanism to perform a "Factory Data Reset" that allows logical and physical deletion of all data. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88. This MUST be used for the implementation of the wipeData() API (part of the Android Device Administration API),” says the document. This is of particular significance since it has emerged that the Factory Reset Protection feature can be easily bypassed in Samsung devices.
Google also requires OEMs to enable full-disk encryption by default, on devices that support it. It says, "For device implementations supporting full-disk encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience.” Device makers are also required to include the power-saving “Doze Mode” feature on Marshmallow devices. It allows users to put non-essential apps on sleep mode, while the device is idle. OEMs are also restricted from tinkering with the feature.
Android v6.0 also brings native support for fingerprint scanners, and manufacturers must declare support for the android.hardware.fingerprint feature. Google has capped the false acceptance rate at 0.002 percent. The document has also defined a flag for high fidelity sensors, that OEMs must identify the support through. “Device implementations supporting a set of higher quality sensors that can meet all the requirements listed in this section MUST identify the support through the android.hardware.sensor.hifi_sensors feature flag.” The document lays down several parameters that the sensors have to adhere. The high fidelity sensors include accelerometer, gyroscope, compass, barometer, and pedometer.
In the document, Google has made it mandatory for device manufacturers to provide a factory reset feature in devices running Android Marshmallow. “Devices MUST provide users with a mechanism to perform a "Factory Data Reset" that allows logical and physical deletion of all data. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88. This MUST be used for the implementation of the wipeData() API (part of the Android Device Administration API),” says the document. This is of particular significance since it has emerged that the Factory Reset Protection feature can be easily bypassed in Samsung devices.
Google also requires OEMs to enable full-disk encryption by default, on devices that support it. It says, "For device implementations supporting full-disk encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience.” Device makers are also required to include the power-saving “Doze Mode” feature on Marshmallow devices. It allows users to put non-essential apps on sleep mode, while the device is idle. OEMs are also restricted from tinkering with the feature.
Android v6.0 also brings native support for fingerprint scanners, and manufacturers must declare support for the android.hardware.fingerprint feature. Google has capped the false acceptance rate at 0.002 percent. The document has also defined a flag for high fidelity sensors, that OEMs must identify the support through. “Device implementations supporting a set of higher quality sensors that can meet all the requirements listed in this section MUST identify the support through the android.hardware.sensor.hifi_sensors feature flag.” The document lays down several parameters that the sensors have to adhere. The high fidelity sensors include accelerometer, gyroscope, compass, barometer, and pedometer.
No comments:
Post a Comment