Android 11

A maximum of users spends time with their smartphones. Sometimes they are working, connecting with friends, playing games, etc. this has become their primary gateway for digital lives. To work correctly, the app needs specific permission, and for that, they need to send a request to the given device. Permission can be automatically granted if the user does not use the app for a longer time.

For Android 11, they have introduced permission of auto-reset feature which help to protect user privacy automatically and reset the app with runtime permission. This will also display promptly if the app does not get used the several months. In December 2021, they are expecting to expand a billion more devices to enable the device with Google Play service.

EHA

This feature will get enabled by default in Android 11 or the higher version. The user will take permission to auto-reset manually by targeting the API level 23 to 29.

Few Exceptional Cases:

There are few apps which automatically exempted from the revocation such as permission has been taken from the enterprise policy, and the enterprise will use an active device administrator.

Users can disable auto-reset:

If require developer can insist the user reset their app permission, this can be very useful where the expected app can work primarily in the background without any intimation.  

Comparison Between Current and New Behavior:

  1. Permission automatically get reset for the Android 11 and other higher devices. Even user can manually enable auto-reset for the apps. Apps also can send request to disable the auto-reset app.
  2. In new behavior, permission will automatically reset for a few devices like Android 6.0, Android 10, Android 11, and more than the higher device.
Current behaviorNew behavior
Permissions are automatically reset on Android 11 (API level 30) and higher devices.Permissions are automatically reset on the following devices: Devices with Google Play Services that are running a version between Android 6.0 (API level 23) and Android 10 (API level 29), inclusive. All devices running Android 11 (API level 30) and higher devices.
Permissions are reset by default for apps targeting Android 11 or later. The user can manually enable auto-reset for apps targeting Android 6.0 (API level 23) or later.No change from the current behavior.
Apps can request the user to disable auto-reset for the app.No change from the current behavior.

Important code changes:

When apps get targeted in API 30, it asks the user to disable the permission as auto-reset. After that developer will make few simple code changes. The app will not undermine the auto-reset where code changes are required.

New APIs are compatible with Android 12 and hibernation will give new restrictions applied to unused apps.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.