Please log in to watch this conference skillscast.
Android N brings a plethora of security enhancements to the platform and the SDK. Including Network Layer Security, Hardware-backed Keystore, APK Signing v2, Scoped Directory Access and Direct Boot.
Network security has seen a huge update in terms of securing HTTPS/TLS connections safely. Without the need for code changes you can use the new Network Security Config to prevent accidental clear text communications, limit who you trust and more.
There’s also a new method to verify the presence and contents of a hardware-backed Keystore, which is the prefered way to create, store, and use cryptographic keys on Android devices. The hardware KeyStore is useful as it guards against extraction on rooted devices.
Are your .apk files going to be more secure with apk signing schema v2? Scott will explore what this is and what it means for your existing apps.
Device storage permission gets more granular with scoped directory access. Also starting in Android N, when the device is powered on it can boot into a new mode called Direct Boot. Do you need to make your app Direct Boot aware? What’s the difference between credential protected storage and device protected storage?
But what if your minSDK isn't 24? Come to this talk to get a concise update on the new features, practical tips and examples of how to implement in your app today!
YOU MAY ALSO LIKE:
- LDNUG September 2017 - #ProgNET Special with Richard Campbell (in London on 12th September 2017)
- Progressive .NET 2017 (in London on 13th - 15th September 2017)
- Fast Track to F# with Tomas Petricek & Phil Trelford (in London on 16th - 17th October 2017)
- Test Driven Development (TDD) Workshop with Damjan Vujnovic (in London on 7th - 8th December 2017)
What's NNNNNNNNew in Android Security?
Scott is a freelance Android developer and Google Developer Expert who is passionate about mobile app security. He is co-author of “The Android Security Cookbook”, speaks at various conferences on the subject and has released several security related open source libraries.