With the launch of Android 6.0 Marshmallow, Google will require OEMs to support new features which will increase the security of Android devices.
Storage encryption has been available in Android since a long time, but it had been placed deep in the settings menu.
Google didn’t use the AES hardware accelerator from Qualcomm in the Nexus 6. The encryption and decryption were left to CPU. This resulted in the Nexus 6 poor performance both in the real world and especially in benchmarks.
ARMv8-A introduced some of the AES instructions by into the architecture of the chips that were based on it. This helped in accelerating the encryption and decryption of the device’s storage. Storage encryption is used to keep personal and sensitive data safe against thieves. If you are buying a new phone by selling the old one, it makes sure that no one will be able to see your data.
Therefore, Google has asked all the OEMs starting from Android 6 to support the encryption by default. It will be necessary to pass the Google’s compatibility tests and the devices also need to be certified.
Google is now asking manufacturers to use fingerprint sensors in their devices. For fingerprint sensors, a standard has been set by Google which has been introduced in the new version of Android.
The requirements are:
to have has a false acceptance rate (FAR) not more than 0.002 percent
A false rejection rate (FRR) not more than 10 percent.
Devices which support storage encryption will also be required to support the “verified boot” feature. This feature ensures the integrity of the software present in the device.
The upgraded facility is not provided to the devices which don’t have the feature “verified boot” as these devices are not to be trusted.