Android O brings a plethora of security enhancements to the platform and the SDK. This talk will give you a concise update on these new security features and any breaking changes as well as practical tips and examples of how to implement them and improve your app’s security. We’ll cover features such as Auto fill, restrictions on device hardware identification with the focus on user privacy, new permissions in telephony and updates to how apps can access user accounts. We’ll discuss the major enhancements to Webview in Android O including isolating it’s process and ability to integrate with Google Safe Browsing API. Also the dropping of support for SSLv3 and enhancements to Network security config that was introduced in Android Nougat. They’ll also be a focus on security features you can implement when your apps is not running on Android O. This where Google Play services can help. Several new SafteyNet APIs allow developers make smarter decisions about the trustworthiness of the devices their app is running on. Lastly we’ll cover how to easy it is to transition to Google Play App Signing which offers a new way to manage your app’s signing keys.
Scott is a consultant Android developer who is passionate about mobile app security and recently joined the Google Developer Experts program. He is co-author of “The Android Security Cookbook”, speaks at various conferences on the subject and has released several security related open source libraries. In 2011, Scott founded and continues to co-run SWmobile meetup group based in Bristol/Bath (UK). Mobile professionals can meet and share knowledge at the monthly tech talk/social events. To relax and bug out from the screen Scott enjoys spending time with his wife and children, running, Mexican food, Belgian beer and science fiction.