Google has started to outline the security enhancements on offer in Android Nougat, known as Android 7.x when it started appearing as an upgrade for millions of current handsets from August 2016 onwards. These turn out to be significant, which makes Nougat the most significant security overhaul the platform has ever received in a single jump.
The catch is that not all handsets are marked to get it. Those that will include Google’s own Nexus 5x, 6/6p plus Pixel C series. For other vendors, most handsets will get the upgrade as long as they aren’t more than a year old and run the necessary class of ARM microprocessors.
In terms of security, Android 7.x tweaks some features that appeared on Android M (v6.x) in October 2015 but also adds a few new elements, especially for business users, one of Google’s big target markets. In the past, Google tended to leave some security innovation to partners such as Samsung, which came up with innovations such as Knox to ease BYOD but these days the music has changed. At some point Google decided that it needed to drive security in Android more rapidly than has been the case up to now.
Direct boot– faster access to basic functions
Booting an encrypted Android handset has hitherto been a slow and clunky business in which the user enters a PIN code to unlock the encryption during the boot process followed (if set) by a second screen lock PIN or unlock code or pattern. Only then is the phone ready to use.
The drawback was that access to apps was all or nothing. Android 7.x speeds access to basic functions such as phone and alarm clock by separating storage into two areas, ‘device protected’ storage and ‘credential protected’ storage. An app engineered to use the former can make some core functions available very rapidly without a PIN; apps accessing credential storage still require the decryption PIN as normal.
Direct boot also benefits the installation of updates – see below.