Please log in to watch this conference skillscast.
Android N brings a plethora of security enhancements to the platform and the SDK. Including Network Layer Security, Hardware-backed Keystore, APK Signing v2, Scoped Directory Access and Direct Boot.
Network security has seen a huge update in terms of securing HTTPS/TLS connections safely. Without the need for code changes you can use the new Network Security Config to prevent accidental clear text communications, limit who you trust and more.
There’s also a new method to verify the presence and contents of a hardware-backed Keystore, which is the prefered way to create, store, and use cryptographic keys on Android devices. The hardware KeyStore is useful as it guards against extraction on rooted devices.
Are your .apk files going to be more secure with apk signing schema v2? Scott will explore what this is and what it means for your existing apps.
Device storage permission gets more granular with scoped directory access. Also starting in Android N, when the device is powered on it can boot into a new mode called Direct Boot. Do you need to make your app Direct Boot aware? What’s the difference between credential protected storage and device protected storage?
But what if your minSDK isn't 24? Come to this talk to get a concise update on the new features, practical tips and examples of how to implement in your app today!
YOU MAY ALSO LIKE:
- Agile PMO: The PMO has the power to support your organisation's revolution. (in London on 3rd April 2017)
- Uncle Bob's Clean Code: Agile Software Craftsmanship (in London on 5th - 7th April 2017)
- Masterclass: Reducing Technical Debt with Michael C. Feathers (in London on 24th - 25th April 2017)
- DDD eXchange 2017 (in London on 27th - 28th April 2017)
What's NNNNNNNNew in Android Security?
Scott is a consultant Android developer who is passionate about mobile app security and recently joined the Google Developer Experts program. He is co-author of “The Android Security Cookbook”, speaks at various conferences on the subject and has released several security related open source libraries.