The upcoming Android 15 is poised to introduce a new feature that could shield users' most sensitive notifications, particularly those containing two-factor authentication (2FA) codes, from potential scammers and malicious apps.
Unveiling this development, an Android Authority report revealed that the Android 15 update, currently in the development phase, includes a new permission titled "RECEIVE_SENSITIVE_NOTIFICATIONS."
This permission is assigned a protection level of role|signature, indicating that only applications with the requisite role or those signed by the Original Equipment Manufacturer (OEM) will be eligible to access it. Notably, it is anticipated that Google will restrict this permission from third-party applications.
The report's findings during an exploration of the Android 14 QPR3 Beta 1 update indicated that the RECEIVE_SENSITIVE_NOTIFICATIONS permission is intricately linked to a new platform feature.
This feature aims to redact sensitive notifications from untrusted apps employing a NotificationListenerService, an API enabling apps to read or take action on notifications.
Users are required to manually grant apps permission in the device settings before the NotificationListenerService API becomes operational.
The newfound permission and associated API carry considerable power, prompting Google to implement safeguards to limit the data access granted to apps.
While the exact definition of an "untrusted" app remains unclear, it is speculated that only select system apps would hold the RECEIVE_SENSITIVE_NOTIFICATIONS permission.
The report further speculated on the nature of notifications deemed "sensitive" by Google, suggesting a focus on those containing 2FA codes. The source code for Android 14 uncovered a flag named OTP_REDACTION, designed to gate "the redaction of OTP notifications on the lock screen." Although unused in Android 14, it is anticipated that Google intends to deploy this feature with the release of Android 15.
Android 15 is poised to offer users a triple-layered protection system against potential 2FA code leaks. The OTP_REDACTION flag indicates prevention of 2FA code exposure on the lock screen.
Simultaneously, the RECEIVE_SENSITIVE_NOTIFICATIONS permission aims to thwart untrusted apps from accessing notifications containing 2FA codes. This comes in addition to an existing feature from Android 13, blocking users from enabling an app's notification listener service if it was obtained from an untrusted source.
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
Rapido offers free rides to voters to polling stations on May 13 in Hyderabad, 3 other cities
May 6, 2024 5:49 PM
Lok Sabha elections 2024: Seats to date, all you need to know about third phase of voting
May 6, 2024 4:49 PM
Concerns on low voter turnout a "myth"; absolute number of voters correct way to analyse: Report
May 6, 2024 2:57 PM
Haryana Lok Sabha elections 2024: A look at JJP candidates
May 6, 2024 2:26 PM