Google has unveiled a significant security enhancement in Android 17 aimed at curbing the misuse of the accessibility services API by unauthorized apps. This update, part of the Android Advanced Protection Mode (AAPM), was highlighted by Android Authority following its inclusion in the Android 17 Beta 2 release.
Strengthening Security with AAPM
Android Advanced Protection Mode, introduced with Android 16, elevates device security against complex cyber threats. This feature, similar to Apple’s Lockdown Mode, is designed to prioritize security even if it results in reduced functionality and usability. Key configurations include prohibiting app installations from unknown sources, limiting USB data communication, and enforcing Google Play Protect scans.
Google’s documentation states that apps can detect AAPM status via the AdvancedProtectionManager API, allowing them to automatically adjust to a more secure setting or limit risky functions when the mode is enabled.
Restricting Accessibility API Usage
The latest update focuses on restricting access to the accessibility services API for apps not recognized as accessibility tools. Only applications identified by the isAccessibilityTool=”true” flag, such as screen readers and voice-based input systems, are permitted to use this API. Other applications, including antivirus programs and automation tools, are excluded from this category.
Google’s decision comes as a response to the API’s misuse, where malicious entities have exploited it to extract sensitive information from compromised Android devices. This change will revoke permissions from unauthorized apps when AAPM is active, and users cannot grant these permissions unless they disable the setting.
Additional Features in Android 17
Android 17 introduces a new contacts picker, allowing developers to specify which contact fields are accessible, such as phone numbers or email addresses. It also provides users with the ability to select specific contacts using third-party apps. This feature ensures that apps gain access only to selected data, enhancing privacy while maintaining a consistent user interface with built-in search and multi-selection capabilities.
Google continues to prioritize user security and privacy with Android 17 by implementing measures that limit potential exploitation avenues while offering new tools to manage data access effectively.
