What's NNNNNNNNew in Android Security?

27th October 2016 in London at Business Design Centre

There are 75 other SkillsCasts available from droidcon London 2016

Please log in to watch this conference skillscast.

600194306 640

Android N brings a plethora of security enhancements to the platform and the SDK. Including Network Layer Security, Hardware-backed Keystore, APK Signing v2, Scoped Directory Access and Direct Boot.

Network security has seen a huge update in terms of securing HTTPS/TLS connections safely. Without the need for code changes you can use the new Network Security Config to prevent accidental clear text communications, limit who you trust and more.

There’s also a new method to verify the presence and contents of a hardware-backed Keystore, which is the prefered way to create, store, and use cryptographic keys on Android devices. The hardware KeyStore is useful as it guards against extraction on rooted devices.

Are your .apk files going to be more secure with apk signing schema v2? Scott will explore what this is and what it means for your existing apps.

Device storage permission gets more granular with scoped directory access. Also starting in Android N, when the device is powered on it can boot into a new mode called Direct Boot. Do you need to make your app Direct Boot aware? What’s the difference between credential protected storage and device protected storage?

But what if your minSDK isn't 24? Come to this talk to get a concise update on the new features, practical tips and examples of how to implement in your app today!


What's NNNNNNNNew in Android Security?

Scott Alexander-Bown

Scott is a ​freelance Android developer and Google Developer Expert who is passionate about mobile app security. He is co-author of “The Android Security Cookbook”, speaks at various conferences on the subject and has released several security related open source libraries.