Google is in the process of developing an advanced version of Android that is designed to enhance the security of single-use codes that are transmitted via text message or email. This innovative security measure is currently in the works and aims to make the receipt of sensitive notifications more secure for users.
The tech giant is in the midst of working on a new permit, which will authorize select applications to receive what Google refers to as sensitive notifications. This information was discovered by Android Authority in the beta 1 of Android 14 QPR3.
As per the details, this permission is connected to a level of protection that is not universally available for all applications. Instead, it is exclusively available for applications that are backed by the company’s support.
This permission is a critical component of a new feature, currently under development, designed to safeguard confidential notifications from untrusted applications. The feature involves the use of an API that necessitates the user’s grant of permission, enabling the ‘apps’ to read or act on the notifications.
According to Android Authority, this is a feature Google plans to incorporate in the multi-factor authentication system. This assumption was formed based on a flag identified as ‘OTP_REDACTION’ found in the Android 14 source code. As they explain, the flag regulates the generation of one-time password notifications on the lock screen.
However, the flag is inactive in Android 14, leading to the conclusion that Google is developing this feature for the upcoming version, Android 15. Regardless of the version number of the operating system, the combination of these two features (the ‘OTP_REDACTION’ flag and the receipt of sensitive notifications) could potentially protect codes sent via SMS or email from being leaked.
