Security Updates on Android will be Mandatory
Reportedly, Google is rolling out a new Android licensing agreement to Android device makers that requires security updates for specific devices for two years. While most Android phones already get some updates, they do not get all of them, which can pose security threats.
What This Security Agreement Means
Android device makers will have to deploy at least four security patches for new phones within the first year they are available on the market. After the first year, these makers must continue supporting devices for one additional year with security patches. However, during the second year, Google does not indicate exactly how many security patches the device makers have to cover.
What Kind of Security Updates Will They Release?
With the license agreement, device makers cannot simply roll out random security patches. The updates must cover all reported bugs and flaws as of the patch date noted in the system software. The updates also cannot be more than 90 days old. In other words, there will be security updates quarterly in the first year. Although Google didn’t specify a number for year two, Android device owners can expect reasonable security fixes.
Which Android Devices are Supported?
This new agreement will apply only to Android devices launched after January 31, 2019. Any devices created prior will not have mandatory security updates. Google is targeting “popular” devices with this security update agreement, meaning that only phones or tablets with at least 100,000 activations will receive this mandatory support.
As of August 2018, only 75% of device makers’ phones and tablets qualified for these new rules.
You can make sure you know what the security patches cover in two ways:
- Go into the system settings and check the security patch level of your phone.
- Read the Android patch notes on the vulnerabilities that it covers. The link to the official notes is the patch date.