Android 14 apps may limit malicious apps from accessing content to improve security

Martin Brinkmann
Apr 13, 2023
Google Android

This year's Android update, Android 14, includes a new option for Android apps to prevent malicious apps from accessing their content. The move is designed to improve security, especially for important applications such as authenticator apps, brokerage apps, and other apps that are of a sensitive nature.

Content stealing malware, for instance those aimed at stealing two-factor authentication codes, are not as common as other types on Android, but there have been cases in the past. To gain access to another application's data, malware apps have used the Accessibility service in the past.

Legitimate accessibility apps, like screen readers or narrators, need access to other apps to assist Android users who require them. They help navigate apps and inform users about what is happening on the screen. This powerful feature set has been used by malicious apps in the past.

android 14 preview

Google implemented changes in previous versions of Android to limit these dangers. In Android 12, it introduced a new attribute for apps, which they needed to declare, if they included accessibility functionality. Apps without the declaration could not be uploaded to Google Play anymore.

Then, in Android 13, Google hammered down on the use of Accessibility functionality in sideloaded apps. It was a logical consequence, after having introduced the new attribute in Android 13. This new restriction made it harder for malicious apps to trick users into enabling Accessibility functionality, but it was still possible. In essence, Google limited the option to enable Accessibility functionality for sideloaded apps.

Now, in Android 14, comes the next limitation. Application developers may enable a new setting in their application, which limits access to Accessibility tools that have declared their status. The change prevents non-Store apps from using Accessibility functionality to access an application's data.

While it is still possible that malicious apps with the right declaration pass the Google Play protections to be offered there, it is limiting malicious apps that use Accessibility functionality significantly. Clearly, the change is also limiting apps that are not malicious from making use of accessibility features.

One of the downsides of the change in Android 14 is that apps need to have the feature enabled. There is a good chance that many high security apps will implement it to improve security further, but it will take some time before the majority of these apps have implemented the change. Also, since it requires Android 14, many users of Android won't benefit from the change unless the new version is offered for their device. (via Esper)

Android 14 apps may limit malicious apps from accessing content to improve security
Article Name
Android 14 apps may limit malicious apps from accessing content to improve security
Android 14 includes a security change that prevents malicious apps from using accessibility services to access the content of other apps.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.