Our smartphones are our constant companions and we use them for so much. But that is not enough for Google, which wants to make it so that Android can do much more. Specifically, Google wants Android to be secure enough to handle our most important data — our passports, medical details, and even let us vote from our Android phones.
Android has not always been seen as the most secure operating system in the world, but recent results show that Google is working hard to change that perception. The “What’s new in Android security” session at Google I/O revealed Google has its eyes set on making Android the sort of operating system that is secure enough for you to cast your vote for the next U.S. president.
But how is Google looking to make that happen? Specifically, it’s all about making sure that the right stuff is running in the right place. Android P may still be nameless, but it looks as if the next major Android iteration will be packing some major security upgrades, at least where transactions are concerned. Called “Android Protection Confirmation,” this is supposedly the first time that a major operating system API will be able to send a “high assurance transaction”, running on secure hardware, in a trusted execution environment (TEE).
I/O is a developer conference, so the use of obscure buzzwords is fairly common — but, in essence, Google is creating is a system that runs separately from the main operating system, and is harder for attackers to gain control as a result of being independent. When required, the TEE will take control of the display and ask the user to confirm the action they are about to take and then take final confirmation by pressing a hardware key. We suspect the exact procedure will change depending on the phone used since the power key is rarely in the same place on different phones — but the key seems to be that it be a secure hardware confirmation, rather than being software-based.
Of course, it’s not just about your civic duty — possible uses for this extremely secure technology obviously includes voting, but it also includes financial transactions, regulating insulin pumps, and two-factor authentication. Google was excited to reveal a small list of partners it was working with, and partners included Bigfoot Medical, the Royal Bank of Canada, and Duo Security.
Does this mean we can all expect to vote on our phones once Android P rolls around? Unlikely — but it is a step in the right direction for that, and even if an “Android Vote” app never surfaces, more security on your smartphone isn’t a bad thing.
