For a long time, Android has supported encrypting the user’s data through storage encryption. While the common way to protect data, encryption does come with a processing cost that only certain hardware is capable of. That’s why Google hasn’t strictly enforced storage encryption on Android devices that don’t have the hardware necessary to make that painless and smooth. That changes in Android Q, however, thanks to a new technology that will let any and all such devices perform encryption no sweat.
Android supports the Advanced Encryption Standard when encrypting phone storage but this requires specialized hardware to be fast and efficient. That’s no problem for mid to high-range phones running on ARMv8 processors. Budget phones, smartwatches, and even smart TVs, however, aren’t so lucky.
Last February, Google revealed its new Adiantum encryption mode. In a nutshell, this used concepts and algorithms from HTTPS encryption to provide a fast yet still secure encryption without the need for dedicated encryption hardware in systems-on-chip (SoCs). Google admits the technology is still new it is confident in its security. Confident enough, it seems to change Android’s security rules.
Starting Android Q, all Android devices are required to encrypt user’s data, no questions asked. That includes all Android incarnations like Wear OS, Android TV, and Android Automotive. Devices with the proper hardware will most likely continue using AES while those that don’t can fallback to Adiantum.
This stronger stance on encryption could make Android even more favorable in enterprise use. Google has also revealed some of its upcoming plans in that market, which includes allowing users to see their work calendar alongside their personal ones. Provided their IT admins allow it, of course. Those admins will also gain more control over devices, from being able to install Androids manually from a file or immediately receive feedback from managed apps on employees’ devices.