Android 14 – What’s New in Security

Android 14 Developer Preview is released. The most widely used mobile operating system in the world which includes improvements to security and privacy has been available.

With Android 14, apps will have to explicitly state how they want to use specific phone functions, there will be a limit on the amount of data they can share, and any further files they download will be read-only.

The blocking of harmful apps that target previous API levels (Android versions), which makes it simpler to exploit sensitive permissions, is a standout security enhancement in Android 14.

What’s New in Android 14 Security?

All Android 14 apps must state whether they need to receive information from other apps or if they should just receive system “broadcasts,” starting with the “Runtime receivers,” which allow apps to receive intents broadcast by the system or other applications.

The “Context.registerReceiver()” function that was first introduced in earlier Android versions is continued by this new security feature. 

It seeks to stop malicious apps from intercepting or abusing broadcasts intended for other apps on the device.

So, Android 14 will also limit the sending of “intents” that don’t have a specified receiver in order to tighten information exchange between apps even more and stop malware from stealing sensitive user data. Malware can no longer read the intents delivered from other apps and intercept them.

Safer dynamic code loading, which restricts all files downloaded by an application to read-only mode, is the next security enhancement coming to Android 14.

This might assist in avoiding code-injection scenarios involving manipulated executables intended for use by privileged applications.

Moreover, in order to prevent simpler permissions abuse, Android 14 will prevent the installation of hazardous apps that target SDK versions lower than 23 (Android 6.0).

“Malware often targets older API levels to bypass security and privacy protections that have been introduced in newer Android versions,” Google

“To protect against this, starting with Android 14, apps with a targetSdkVersion lower than 23 cannot be installed”.

Notably, Google included a runtime permission model to Android 6.0 (2015), requiring apps to ask the user for permission when requesting access to private features including the device’s camera, microphone, GPS sensors, phone calls, and SMS access.

Also, to make it simpler for users to overlook and approve, malware targeting older SDK versions might declare it in the manifest XML file and seek access to sensitive rights upon installation.

Users won’t be able to install apps that haven’t received updates in a while due to the new permissions protection system. On smartphones that upgrade to Android 14, Google claims that previous apps will still function.

The internal broadcast mechanism has been improved, which should help customers get more usage out of their device’s battery and reduce power consumption.

For the Pixel 7 Pro, Pixel 7, Pixel 6 Pro, Pixel 5, Pixel 4a 5G, and Pixel 4a, the new Android developer preview is officially available. 

You can flash the factory image using Fastboot, side-load the OTA package for your device from Recovery using ADB, or install Android 14 GSI to install the new development preview. For a thorough understanding, visit the XDA’s guide.

Network Security Checklist – Download Free E-Book