The security problem is a very important issue in Android devices as Android users have to face a lot of complications regarding their phone security. Google has already launched over 25 android versions and more than 805 mobile users use Android phones.
But, still, there was a major problem regarding security facilities as there are a large number of gateways the hackers can get access and can damage your phone with various malicious software or extracting your private information and data including your passwords and other identification codes.
Google got millions of complaints from the users from all around the world regarding this and so google promised a well-structured security system to the android devices to provide the users with a sturdy and safe environment.
Even after Google brings up security systems for its Android platform, a major part of the Android environment stays unprotected and completely open to hackers and other cyber criminals as the device makers do not give the security systems on a regular basis and on a timely basis to their buyers.
To deal with this issue, Google at its input-output developer conference in the month of May 2018, exposed the company’s scheme to upgrade its OEM deals that will need Android device manufacturers to bring forth at least security updates on a daily basis.
The Exposure of the Contract Sample
The Verge got a leaked and unofficial sample of a new contract between Google and OEMs.
It shows that some terms of the deal or the agreement hat device manufacturers have to accomplish with.
Or else, they have to give up their certification of Google for forthcoming gadgets from the Android operating system.
The Brand New Terms for Google’s Android Security Updates
On the basis of the leaked contract, Android device manufacturers are mandated to bring forth updates on the security facilities for well-known devices which were set free in the global market after the 31st of January in the year 2018 and activated more than a hundred thousand users for a minimum of two years.
The head of the Android Security of Google, David Kleidermacher, assigned to these conditions earlier this year during the time of a meeting of google I/O.
David Kleidermacher said in one of his statements that google had also brought up an equipping into its deals with its partners set regular security updates in motion.
But one information was not clear to us, that is, which devices those security updates would implement to, how frequent would they be, or for how long would they be remaining.
The Present Days are not the same: Phones Cannot Go Over 90 Days Out of Date on Security
The terms are inclusive of all the devices that were launched after the 31st of January, 2018 that more than a hundred thousand users started off.
Beginning from the 31st of July, 2018, the mending necessity was put in an application to three fourth of each manufacturer’s “security mandatory models”.
From the 31st of January, 2019, Google will be needing each and every security mandatory devices to obtain all of these updates.
The device manufacturers have to fix the complexities by Google within a fixed time period. During the ending of every month, the included devices have to be secured from all sorts of chances to get affected that were detected more than 90 days ago.
This actually means that even without a minimum up-gradation on a yearly basis, this rolling window makes it compulsory for the devices to get fixed on a regular basis.
In addition to that, the devices should set free in the market with the same extent of the coverage of fixing the bugs. Google said that if the device makers do not succeed in keeping the devices updated, it would not grant the approval of the phones that are to launch in the near future and thus stopping them from getting released in the market.
The Android device manufacturers and developers are authorized to launch “at least four security updates” in the first year following a smartphone’s launch. But, for the next year, the number of devices that would be launched is not yet mentioned officially.
Along with that, the deal also specifies that the device makers must not make any late update for security weakness for more than a period of 90 days.
In short, what we meant to say is that the minimum need for the contract is a security patch update every 3 months a year.
The terms are completely visible in the brand new licensing agreement of Google for Android phones and Android tablets that are to be spread in the European Union along with the grouping of the apps of the company which also includes the most important Play Store.
The Verge could not make any assured statement if the requirements appear in the global licensing terms of Google, the contract, as well as the public comments of Google, points that the conditions are distinctly possible to be the same or significantly similar in all the regions.
One of the spokespersons from Google stipulated to the statements made by the company from prematurely this year calling 90-day bug darning “a minimum security hygiene requirement” and saying that “the majority of the deployed devices for over 200 different Android models from over 30 Android device manufacturers are running a security update from the last 90 days.”
Google’s Android One program also did not remain at the back of the lot. They also directed to the Android One program of Google that remits monthly security updates for three years for the phones that support it.
Fragmentation of Security is a Major Issue
Splintered security has been a big issue in the Android operating system where the phone makers will sometimes disregard the devices with their getting old or when people start to use them lesser and lesser.
The customers were not very sure about the fact that their phones will get updated in proper time on a regular basis. So as a result, the risk remained and the devices kept on getting more and more infected.
Google has no other way other than instructing the carriers and the manufacturers to repair the issue that evolved in the neoteric times. Android versions that came out lately have it simpler for the users to see how recently the phones were updated.
The latest Android version Oreo rebuilt the system in such a way that it made all the operating system updating procedures easier and more straightforward.
Google has also used the Enterprise Recommended program for the incitement of bigger consumers to choose more secure mobile phones along with the reward manufacturers that keep the devices properly updated.
The company can even make a complete clamor for updates in its contract as the manufacturers are completely dependent on Google for its wide range of applications.
This contractual devotion for the fixation of the devices moves much ahead. It also assures in a number of cases that the devices will be up to date.
The contract has to cross-examine how the non-Google mobile phones will be retaining the security updates without the precise contractual thrusts.
Hopefully, this served you well with information. Leave a comment if you have anything to say about this move. Your feedback will help us to assist you in more innovative ways. A share is much appreciated.