Google is reportedly working on a security feature for Android 15 that will prevent hackers from accessing your 2FA codes and OTPs by preventing them from being read by untrusted apps.
In the last few years, Google added several new features to Android like Play Protect and others that aim to keep the device secure from malicious apps. Now, the tech giant seems to be working on a new feature for Android 15 that will help hide your one-time passwords and two-factor authentication (2FA) codes from hackers.
While 2FA codes and OTPs sent via email and text are generally convenient since they can be easily read, they are also easy to steal. According to Android expert Mishaal Rehman via AndroidAuthority, Android 14 QPR3 Beta 1 introduces a new permission called RECEIVE_SENSITIVE_NOTIFICATIONS, which offers some protection since the role can only be accessed to applications with the role or those signed by the OEM.
The report adds that Google is yet to clarify exactly what it will do, but the tech giant won’t likely let third-party apps use it. Rehman says that it might be because the permission is currently tied to a new under-development feature that will help hide sensitive notifications from untrusted apps.
He also came across an unused flag labelled OTP_REDACTION in Android 14 source code, which might help hide 2FA and OTP notifications on the lock screen. The unused flag and the new permission suggest Android 15 will prevent users from leaking their 2FA codes on the lock screen as well as prevent apps from reading notifications.
Google recently unveiled the first developer preview of Android 15, which brings improvements across the board in areas like performance, privacy and security. Similar to last year, the tech giant is expected to release Android 15 in October alongside the Pixel 9 series.
Source:indianexpress.com