With the latest version of its mobile operating system Android 6.0 Marshmallow, Google has taken several major steps to bring uniformity and consistency, apart from bolstering security across the millions of devices that run its software. We’re now learning about two more such additions.
Surprising as it may sound, until now Google hadn’t defined how it wants its partners to handle factory resets. This, as you may realise, poses a security threat if an OEM failed to program its approach to factory reset correctly, as seems to be the case with Samsung’s Galaxy Note 5.
But moving forward, companies will have to abide by Google’s rules. In its compatibility document, it directed the following.
“Devices MUST provide users with a mechanism to perform a ‘Secure Factory Reset Feature’ that allows logical and physical deletion of all data. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88 […] Devices MAY provide a fast data wipe that conducts a logical data erase.”
The other direction is interesting, too. Google now requires OEMs to use high-quality sensors that “meet all the requirements” and are implemented correctly. Going more technical, the sensors are required to “identify the support through the android.hardware.sensor.hifi_sensors feature flag.”
Among other changes, as previously reported, Google also requires its OEMs to offer full-disk encryption enabled by default, and use a predefined set of instructions for the fingerprint sensors on the devices. Google now also closely watches how the pre-installed apps access certain protected features.
Basically, you need to give users a factory reset option that meets certain standards or you can’t get Google Mobile Services (e.g., the Play Store). Again, there’s no reason we have to specifically believe any major phone manufacturer was not doing this already, but it’s now a flat requirement that they do. And so long as they offer that option, Google is allowing OEMs to include a quick logical-only wipe if they should so desire.