Android 15 could make it harder for hackers to access your accounts — here’s how

A padlock resting on a mirror reflecting the Google logo
(Image credit: Sergei Elagin/Shutterstock)

Android 15 could have a big emphasis on security from the looks of things. Not only has Google added a bunch of security-conscious tools to the first Android 15 developer preview. Now it looks as though Google may also be adding better protection for two-factor authentication codes as well.

According to well known Android sleuth Mishaal Rahman, over at Android Authority, the Android 14 QPR3 beta 1 contains a new permission called RECEIVE_SENSITIVE_NOTIFICATIONS. Apparently this permission has a role|signature protection level which means it can only be granted to apps with either the requisite role or that have been signed by an OEM.

Rahman believes that this permission is probably only meant for Google apps, rather than third parties, and seems to be a way to stop untrusted apps from seeing sensitive notifications. That includes one time passcodes (OTP) and other two-factor authentication codes that you may be sent.

This appears to be backed up by two new additions. The first is an API called NotificationListenerService that should allow apps to read or take action on all your notifications — but only if they’ve been granted that permission in the settings.

There’s also a brand new flag called OTP_REDACTION that prevents codes from appearing on the lock screen. So in both cases it looks like Android will be protecting your 2FA codes from untrustworthy apps that may be snooping through your notifications, and prying eyes that might see codes on your lockscreen.

Since these flags haven’t been implemented in Android just yet, Android 15 is the most likely place for Google to activate these additional flags and permissions. Which could be a major hidden benefit of the software.

Two-factor authentication is an incredibly important way of helping keep your accounts secure. Because even if someone manages to guess your login details, the odds of them also having that secondary verification code are incredibly slim.

That said, 2FA isn’t perfect and there are security flaws that a savvy hacker could try to exploit — especially if codes are sent via SMS, which is notorious for being unencrypted and totally insecure.

Whether those messages are intercepted en route, seen over your shoulder, or spied on by a malicious app, once a hacker has that code they’ve essentially got free reign of the account in question. So anything Google can do to improve the security of those codes when they arrive is more than welcome.

It won’t make the process completely foolproof, which is why you should avoid SMS and notification-based 2FA wherever possible. Your security is going to be much better if you use codes from an authenticator app, or utilize a physical security key.

We don’t know exactly when Android 15 will launch to the public, but according to Google, the first beta version should be arriving in the Spring. Until then be sure to keep tabs on our official Android 15 hub for all the latest news and rumors.

More from Tom's Guide

Category
Arrow
Arrow
Back to Mobile Cell Phones
Brand
Arrow
RAM
Arrow
Storage Size
Arrow
Colour
Arrow
Condition
Arrow
Price
Arrow
Any Price
Showing 10 of 143 deals
Filters
Arrow
Our Review
1
Google Pixel Unlocked Phones
Amazon
Deal ends Sun, Dec 29, 2024
(256GB)
Our Review
2
Galaxy S24 Ultra 256gb...
Samsung
Our Review
4
Google Pixel 8 Pro - 128 GB
Verizon
Our Review
5
OnePlus - 12 256GB (Unlocked)...
Best Buy
(256GB Black)
Our Review
7
Samsung Galaxy S24 Ultra...
Mint Mobile
Our Review
9
Google Pixel 8 Pro - 128 GB
AT&T Mobility
Our Review
10
Samsung Galaxy S24 Ultra 256...
Visible
Load more deals
TOPICS
Tom Pritchard
UK Phones Editor

Tom is the Tom's Guide's UK Phones Editor, tackling the latest smartphone news and vocally expressing his opinions about upcoming features or changes. It's long way from his days as editor of Gizmodo UK, when pretty much everything was on the table. He’s usually found trying to squeeze another giant Lego set onto the shelf, draining very large cups of coffee, or complaining about how terrible his Smart TV is.