The Android 9 Pie may be slow in rolling out but it’s better this year compared to Oreo. The Pie is being served to several flagship smartphones already including the Samsung Galaxy Note 9, Xiaomi Mi A1 and Mi A2, HTC U11 Life, Motorola One and One Power, Nokia 7.1, and some Sony Xperia devices. This new version is anticipated because of its many new features and enhancements like adoptable storage, dock-less DeX functionality for the S9, improved battery life and efficiency, and Quick Text Selection.
The Android Keystore gets an upgrade to Android Pie. This feature offers app developers a way to secure the data of app users by using a set of cryptographic tools.
Security is embedded into a secure hardware, protecting the keys and using them only within a secure environment. This method allows apps to be protected from potential attacks by specifying a restriction on how the keys are used.
More Keystore capabilities have been added. First, there’s the enabling of restrictions on key use. The other uses a secure key and protects the material from an OS or app.
To make the phone more secure than ever, the Keystore is locked until access is needed. Keyguard-bound cryptographic keys have been added to the Android Pie version.
The feature allows Keyguard binding and authentication binding. They are similar in many ways but differ in what they can do. Keyguard binding brings the keys to the screen lock state.
Secure Key Import has also been added so existing keys are allowed securely into the apps. The secure key is encrypted from a cloud or a data center. Source is remote but is protected by using a public wrapping key–the SecureKeyWrapper format.
One example of an app that takes advantage of Secure Key Import is Google Pay on Pixel 3 devices. This feature allows data of users to remain locked and private but can be accessed when quickly needed. The effect is user’s data are always protected even when the phone is locked. When data are needed, they can be easily accessible.
Android Keystore is a secure hardware feature but is only ready for some Android Pie phones. Not all Pie devices can receive the feature yet but should widely be available in the near future.
SOURCE: Android Developers Blog
