Close Menu
Trending
Android

Sensitive login codes may be protected in Android 15

thedailyposting.comBy No Comments

[ad_1]

Keeping your online accounts safe is a constant battle, which makes using passkeys and two-factor authentication (2FA) essential. Two-factor authentication codes add an extra layer of security and prevent hackers from breaking into your account, but some of the methods currently used to send these codes aren’t the most secure. However, this may actually change in Android 15, as a new line found in the source code suggests.

One common form of 2FA is sending a one-time password (OTP) code via text or email. Although these methods are easy to use, they carry an inherent risk that the text or email containing the code may be intercepted by a malicious party. However, Android expert Mishaal Rahman (via Android Authority) recently took a closer look at the Android 14 QPR3 Beta 1 code, and found new security features aimed at protecting sensitive login codes. We see evidence of development in progress.

How does Google plan to protect login codes?

Google seems to be adding a new permission called “RECEIVE_SENSITIVE_NOTIFICATIONS”. This will likely be very limited and only available to certain system apps on your phone. This feature may work in conjunction with Android’s “NotificationListenerService” API, a system that allows apps to read and interact with notifications. This API is not automatically enabled and typically needs to be enabled manually in settings.

Sensitive login codes may be protected in Android 15Sensitive login codes may be protected in Android 15

Current notification access setting is on android 14 | Source: Android Authority

The code snippet also shows that android 15 There is a feature called “OTP_REDACTION” that allows the 2FA code to be hidden directly on the lock screen. Android’s NoticeListenerService is extremely powerful and can be a valuable tool for malicious apps to access sensitive data.

This new feature aims to prevent untrusted apps from reading notifications containing sensitive data such as OTP codes for logging into social media, banking, etc. Essentially, Android gives you more control over what information different apps can and cannot display. Taken together, these additions demonstrate that Google is working to significantly improve security. Based on these new findings, we conclude that the intended functionality is to hide these login codes from prying eyes, i.e., from prying apps, and to ensure that only trusted people can access them. There is a possibility.

[ad_2]

Source link

Related Posts

Leave A Reply