Android is an OS for mobile and tablets developed by Google.
This post comments different aspects of Android security, ranging from:
- Certifications for Professionals
- Certifications for Devices
- Hardening Guidelines
- Keep updated
Android Security Features
Part of the security on Android devices depends on the device itself.
Some Google devices like Google Pixel 3, 3 XL, 3a, 3a XL and 4 contains the chip Google Titan M that add additional features.
Some Samsung devices feature Samsung Knox security.
You can find a full description of Android security features at Android Source documentation on this external link.
Android Security Training
To find a list of Android Security Training Courses, please check this post.
Android Security Certifications for Professionals
I could not find any specific Google certification about Android Security on Google Developers Certifications.
If you know of any Android security certification for professionals, I would appreciate if you could leave a comment on this post or reach me.
Android ATC’s Android Certified Application Engineer
Android Certified Application Engineer is a certified issued by the Canadian private company Android ATC (Advanced Training Consultants).
To achieve the certificate, the candidate needs to pass 3 independent exams:
- AND-X01. Android Certified Application Designer
- AND-X02. Android Security Essentials
- AND-X03. Android Applications UI/UX Design and Monetization
The X within the exam code (e.g., AND-X02) changes depending on the Android version under assessment. For example, AND-402 was updated to Android 4.0 (Ice Cream Sandwich). AND-802 was updated to Android 8 (Oreo).
Take note that the exam AND-X02 is about Android Security Essentials, so the holder of the Android Certified Application Engineer has been assessed on Android security.
Android Security Certifications for Devices
This section summarizes Android security certifications related to devices.
Android security certifications for devices:
- Google Play Protect
- Android Enterprise devices
Google Play Protect
Google Play Protect is a certification for Android devices that assess the security of the OS on the device. Manufacturers can obtain this certification for their devices.
You can read more about the Google Play Protect certification on this external link.
Google Play Protect is also an Android functionality that checks your apps and devices for harmful behavior. It is embedded in Android OS, so it is installed by default.
You can check if your Android device is Google Play Protect compliant going to Play Store > Click on Profile icon > Settings > About. The last row is called “Play Protect Certification” and in case it is certified, it will say “Device is certified”.
You can read more about Google Play Protect functionality on this external link.
Android Enterprise Devices
The Android Enterprise Solutions Directory lists devices, EMM, resellers, managed service providers (MSPs). You can find the directory on this external link.
There is a certification called “Android enterprise recommended” for devices for Android. You can find a list of them on this external link.
Android Security Certifications for Software
This section mentions Android security certifications.
Android Enterprise Software
There is an “Android enterprise recommended” for software like MDM.
Android Hardening Guides
To find a list of security hardening guides for Android, please check this post.
Android Security Protection Tools
To find a list of Android security tools, please check this post.
Android Security Testing Tools
Tools that aid testing of Android solutions.
Compatibility Test Suite (CTS)
Compatibility Test Suit (CTS) is a free test suite available in the AOSP.
It is installed in a desktop computer and then it tests through an emulator or connected mobile phone.
It is a tool that is somehow related to Android Compatibility Definition Document (CDD).
You can check this external link.
Android Security Development
This section talks about some aspects of Android security related to development.
Android Jetpack Security
Android Jetpack is a set of libraries for Android. There is one of these libraries that is dedicated to security.
You can read more about Android Jetpack Security on this external link.
Android Security Configuration
To read about how to configure securely an Android device, you can check this post.
Keep updated about Android Security
This section summarizes some ways to keep updated on the subject of Android Security.
Android Security Bulletins
You can find a list of security bulletins about Android on this external link. This list is maintained by Google.
This section summarizes some ways to get help on the subject of Android Security.
Android Help Community
Android Security LinkedIn Groups
At LinkedIn, there is the private group “Android Security“.
Android Security at Reddit
There is a subreddit called r/AndroidSecurity. You can visit it on this external link.
Android Central’s Android Security Talk
There is a channel at Android Central forums to speak about Android Security called “Android Security Talk”, and can be found on this external link.
XDA-Developers’s Security Discussions
There is a channel at XDA-Developer forum to speak about security on mobile devices called “Security Discussions”, and it can be found on this external link.
You might be also interested in…
- Android Security Training Courses
- Android Hardening Guides
- List of Android Security Tools
- Android Device Management and Administration
- Endpoint Security
- Windows 10 Security
- iOS Security
- Android Source; “Android Security“; Android Source