Google will require OEMs to provide regular Android security updates
The fragmentation problem that affects Android not only means that there are a tiny number of users running the latest version of Google's mobile operating system, but also that many handsets are not patched with the latest security update. This could be about to change.
At its I/O developer conference this week, Google announced that its security policies will be changing. While its not clear when this could happen, the company will require some smartphone manufacturers to roll out regular security updates to users.
- Microsoft says that to text from Windows 10 with Your Phone app, you'll need an Android handset
- Google launches Android Jetpack to speed up app development
- The best Android apps and games revealed in 2018 Google Play Awards
- Android Things exits beta as Google jumps further into the IoT
In recent years, Google has taken steps to improve the security of Android, including releasing its own monthly security updates. While these are made available to handset manufacturers, there is no requirement for them to be pushed to users, and -- as many Android users will be only too aware -- it does not take long for individual phones to lose support... if they were receiving updates in the first place, that is.
Now, however, Google will be putting some pressure on manufacturers to secure handsets.
Speaking at Google I/O, David Kleidermacher -- the head of Android platform security -- said:
We've also worked on building security patching into our OEM agreements. Now this will really lead to a massive increase in the number of devices and users receiving regular security patches.
At the moment, there is no indication of quite when this policy might come into force, nor how strict Google would be about enforcing it. It's also not clear how much the change in policy would help owners of older handsets who have not received security updates for quite some time -- it is likely to apply, at best, to phones with Oreo and newer. But few people would argue against doing more to help improve the security of Android handsets, and this is what Google appears to be trying to do.