Starting March 27, 2025, we recommend using android-latest-release instead of aosp-main to build and contribute to AOSP. For more information, see Changes to AOSP.

Android security features

Use the features described in this section to make the Android devices you develop as secure as possible.

Application Sandbox

The Android platform takes advantage of the Linux user-based protection to identify and isolate app resources. To do this, Android assigns a unique user ID (UID) to each Android app and runs it in its own process. Android uses this UID to set up a kernel-level Application Sandbox.

App signing

App signing allows developers to identify the author of the app and to update their app without creating complicated interfaces and permissions. Every app that runs on the Android platform must be signed by the developer.

Authentication

Android has the concept of user authenticators that can unlock the device and perform other tasks:

The Gatekeeper subsystem performs device pattern or password authentication in a Trusted Execution Environment (TEE).
The optional Weaver component performs pattern or password authentication in a separate secure element.
Devices with a fingerprint sensor support the use of enrolled fingerprints.
Devices can support face authentication.

Android also supports hardware-backed cryptographic keys that can be used only if user authentication with one of these mechanisms has occurred.

Biometrics

Android 9 and higher includes a BiometricPrompt class that app developers can use to integrate biometric authentication into their apps in a device- and modality-agnostic fashion. Only strong biometrics can integrate with BiometricPrompt.

Encryption

Once a device is encrypted, all user-created data is automatically encrypted before committing it to disk and all reads automatically decrypt data before returning it to the calling process. Encryption ensures that even if an unauthorized party tries to access the data, they can't read it.

Keystore

Android offers a hardware-backed keystore that provides cryptographic functionality where the key material is contained within a secure environment. Android Keystore supports generation and import of both symmetric and asymmetric keys, combined with encryption, decryption, signing, and key agreement primitives.

Security-Enhanced Linux

As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root or superuser privileges (Linux capabilities).

Trusty TEE

Trusty is a secure operating system (OS) that provides a TEE for Android. The Trusty OS runs on the same processor as the Android OS, but Trusty is isolated from the rest of the system by both hardware and software.

Verified Boot

Verified Boot is designed to ensure that all executed code comes from a trusted source (usually device OEMs), rather than from an attacker or corruption. Verified Boot establishes a full chain of trust, starting from a hardware-protected root of trust to the bootloader, to the boot partition and other verified partitions.