Android to be getting its own version of Apple's "Stolen Device Protection" feature
Android is reportedly stepping up its security game with a feature that could significantly reduce the risk of data theft in case your phone falls into the wrong hands. Dubbed "Identity Check," this new addition aims to close a potential security gap that currently exists even with biometric authentication in place.
The problem currently lies in the fallback mechanism many Android apps use. Even if they primarily rely on fingerprint or facial recognition, they often allow users to enter their lock screen PIN or pattern as an alternative. This means that if someone steals your phone and happens to know your lock screen code, they could potentially bypass the biometric security and access sensitive data within those apps.
Google appears to be leveraging its existing "Trusted Places" feature to achieve this. The Google Play Services app will likely track your phone's location and communicate with the operating system to trigger mandatory biometrics when you're away from a trusted zone.
This approach mirrors Apple's "Stolen Device Protection" feature, which also requires biometric authentication for certain actions when an iPhone is away from a familiar location. It's a smart move by Google, bringing Android's security capabilities closer to its competitor and offering users enhanced peace of mind.
It's important to note that Identity Check won't be a foolproof solution. Determined thieves could still find ways to bypass biometric security or access data through other vulnerabilities. However, it adds a significant hurdle for opportunistic thieves who might otherwise easily exploit the lock screen PIN fallback.
While we don't have an exact timeline for Identity Check's rollout, it's expected to be part of a future Android update, possibly requiring Android 15 QPR1 or later due to underlying system changes. I can see this feature being very helpful and a welcome addition for Android users who are security conscious.
However, the upcoming "Identity Check" is designed to prevent this scenario. It works by intelligently disabling the PIN/password/pattern fallback option when your phone is outside of designated "trusted locations," likely your home or workplace. This forces apps to rely solely on biometrics for authentication, making it much harder for thieves to gain access.
Google Play Services' mandatory biometric setting within trusted places | Image credit — Android Authority
Google appears to be leveraging its existing "Trusted Places" feature to achieve this. The Google Play Services app will likely track your phone's location and communicate with the operating system to trigger mandatory biometrics when you're away from a trusted zone.
It's important to note that Identity Check won't be a foolproof solution. Determined thieves could still find ways to bypass biometric security or access data through other vulnerabilities. However, it adds a significant hurdle for opportunistic thieves who might otherwise easily exploit the lock screen PIN fallback.
While we don't have an exact timeline for Identity Check's rollout, it's expected to be part of a future Android update, possibly requiring Android 15 QPR1 or later due to underlying system changes. I can see this feature being very helpful and a welcome addition for Android users who are security conscious.
Things that are NOT allowed: