Android 15 integrates biometric security across the board
In the latest Android 15 Beta 3 release, significant progress has been made in the area of biometric authentication. In addition to the enhancements to passkeys, Google has introduced security measures for sideloading APKs and addressed underperforming biometric systems.
As part of the effort to simplify the authentication process, Google has introduced single-step sign-in with passkey functionality. This feature allows users to sign into apps designed for Android 15 using passkeys in a single step, using facial recognition or fingerprint.
The updates will also address the issue of dismissed prompts. If users dismiss the prompt to use a passkey, they can still access the passkey or other Credential Manager suggestions. Users will have the ability to link a Credential Manager request to view username or password fields. If one of the fields is in focus, the Credential Manager will receive a request and display the corresponding credentials in the autofill fallback UI.
Biometric authentication for scanning sideloaded APKs, reports suggest
Google is reportedly considering enhancing the security protocols for sideloading Android Package Kits (APKs) by integrating biometric authentication, according to Android Police. This could involve using fingerprint recognition or facial scanning to bypass the security warning issued by Google Play Protect for unverified APKs.
Google Play Protect is currently the main security mechanism for scanning sideloaded APKs on Android devices. However, there are concerns about its effectiveness, as users can easily bypass the security prompt without strict verification. Adding biometric authentication or PIN verification as an extra layer of security would make it more challenging for users to bypass security prompts.
A recent APK teardown by AssembleDebug revealed hidden feature flags in Play Store version 41.4.19, indicating that Google is considering implementing biometric security for APK sideloading. Although this new feature is not yet live, Android Police says it may be introduced to the public in the near future.
Track biometric failures with Android 15
According to Android Authority, the Android 15 will introduce a mechanism for managing biometric authentication by automatically deleting poorly performing biometrics and prompting users to re-enroll. As nearly every smartphone now includes fingerprint or facial recognition for access control, the performance of these methods depends on the sensor and algorithms used.
To improve reliability and user experience, Android devices running Android 15 will incorporate specific criteria or algorithms (which have not been revealed yet) to determine when a biometric model is not functioning effectively. This feature’s functionality has not been fully confirmed as live in the current Android 15 beta.
Article Topics
Android | biometric sensors | biometrics | consumer electronics | Google | passkeys | smartphones
Comments