Google has announced plans to deprecate Android Protected Confirmation (APC) due to low adoption by OEMs, despite its potential to ensure secure transactions. The feature was developed to isolate money transfers, medical devices, and other sensitive data from the Android system. However, patches uploaded to the Android Open Source Project indicate that Google no longer plans to further develop the feature.
Introduced with Android 9, APC was designed to ensure that users only consent to transactions with trusted apps. Google had envisioned potential expansions of this feature, such as enabling person-to-person money transactions. Despite the company’s initial high hopes, APC has seen low adoption among OEMs and users, leading to its planned deprecation by Google.
Reason for Deprecation
According to reports, Google aims to discontinue APC due to its low usage among OEMs. Despite being a useful security feature, many manufacturers and users did not adopt it, resulting in the feature falling by the wayside. The company has uploaded patches to the Android Open Source Project deprecating the hardware abstraction layer for APC, indicating that further development is not a priority.
Implications and User Protection
The deprecation of APC comes amid Google’s focus on resolving high- and critical-severity vulnerabilities through security patches, underscoring its commitment to minimizing attack surfaces and addressing emerging threats. The company has also taken preventative measures, such as introducing verification badges for Play Store apps to ensure adherence to industry-wide security and privacy standards, enhancing user protection against potentially harmful apps.
While the deprecation of APC may come as a surprise to some, Google’s continued efforts to bolster Android security and protect users from emerging threats highlight the evolving landscape of digital security. Despite the removal of this feature, users are encouraged to remain vigilant and verify all transactions as an essential measure for safeguarding against potential threats.
What is Android Protected Confirmation (APC)?
APC is a security feature introduced with Android 9 aimed at ensuring users only consent to transactions with trusted apps, with potential applications in securing money transfers and sensitive data.
Why is Google deprecating APC?
Google is discontinuing APC due to its low usage among OEMs and users, leading to the feature being deprioritized for further development.
How is Google enhancing user protection amidst the deprecation of APC?
Google is actively addressing high- and critical-severity vulnerabilities through security patches and introducing verification badges for Play Store apps to ensure adherence to security and privacy standards, bolstering user protection.