Find Hub 'Mark as lost' will require biometric unlock & hide Quick Settings, more

At a glance:

• Find Hub's "Mark as lost" feature will now require biometric authentication and hide Quick Settings
• Android 17 introduces improved PIN/password security with reduced guess attempts and increased wait times between failed attempts
• Remote Lock and Theft Detection Lock are now enabled by default on new Android 17 devices globally

Enhanced Device Security

At The Android Show, Google today announced the latest security and privacy features for the mobile operating system. These updates focus on providing users with more robust protection mechanisms for their devices and data. The Find Hub's "Mark as lost" feature is getting a significant upgrade, requiring biometric authentication before a device can be marked as lost. This means users will need to enter both a passcode/PIN and use fingerprint or face unlock to activate this security measure. Additionally, when a device is marked as lost, it will automatically hide Quick Settings and disable new Wi-Fi/Bluetooth connections to prevent unauthorized access to device functions.

Android 17 introduces substantial improvements to PIN and password security. Supported devices will have "significantly reduced the number of times someone can guess the PIN or password." This is complemented by increased wait times between failed attempts, making brute force attacks more difficult. These security enhancements are designed to protect user data even if a device falls into the wrong hands. The combination of limited guess attempts and enforced delays creates multiple layers of defense against unauthorized access attempts.

Global Security Expansion

Google is extending its security protections to a broader range of devices and markets. Remote Lock and Theft Detection Lock are now enabled by default on new, reset, or upgraded Android 17 devices around the world. This means these critical security features will be active immediately upon device setup, providing users with protection from the moment they start using their devices.

In markets with high demand, including Argentina, Chile, Colombia, Mexico, and the UK, Google is extending these protections even further. In these regions, all devices running Android 10 or higher will benefit from these enhanced security measures. This expansion demonstrates Google's commitment to providing comprehensive security across different markets and device generations, ensuring that users worldwide have access to robust protection against device theft and unauthorized access.

Device Recovery and IMEI Access

To aid in device recovery, Android is introducing a new feature that allows access to a device's IMEI directly from the lock screen on devices running Android 12 or higher. The International Mobile Equipment Identity (IMEI) is a unique identifier for each mobile device, and this new accessibility feature can be crucial for recovery efforts. Law enforcement, device manufacturers, or mobile network operators can use this unique device identifier to quickly verify device ownership and facilitate its return to the rightful owner.

This IMEI access feature can be disabled at any time in the device settings, giving users control over their privacy while still providing the option to enable it when needed. The implementation of this feature represents a balance between security and privacy, allowing for device recovery without compromising user privacy when the feature is not required. This addition to Android's security toolkit addresses a common pain point for device owners who need to prove ownership to recover their lost or stolen devices.

Advanced Protection Enhancements

Android 17's Advanced Protection is receiving a set of new features to further enhance device security. These include removing access to the accessibility service from all apps that are not labeled as accessibility tools, which prevents malicious apps from abusing these permissions. Additionally, device-to-device unlocking is being disabled to eliminate potential security vulnerabilities that could arise from trusted device relationships.

Chrome WebGPU support is being disabled in Advanced Protection mode to mitigate potential security risks associated with this graphics API. Scam detection is being integrated into chat notifications to help users identify and avoid fraudulent messages. Android Enterprise support for Advanced Protection is also being added, allowing organizations to implement these enhanced security measures across their managed devices. These comprehensive updates to Advanced Protection demonstrate Google's ongoing commitment to providing users with the highest level of security available on the Android platform.

Malware and Threat Detection

Android is strengthening its defenses against malware and emerging threats through several new features. Chrome for Android users who have Safe Browsing enabled will now see Google evaluate APK downloads "for known malware and stop you before you download it." This proactive approach to malware prevention helps users avoid installing potentially harmful applications before they can cause damage.

Live Threat Detection is being enhanced to analyze the behavior of apps in real-time and alert users if they start acting suspiciously. New alerts specifically cover SMS forwarding accessibility, which is commonly abused by malicious applications. Dynamic signal monitoring analyzes "application system interaction for known suspicious patterns in realtime," providing comprehensive threat detection capabilities. These features will be enabled on Android 17 with the protections available in the second half of 2026, ensuring users are protected against both existing and emerging threats.

Android OS Verification and Network Security

Android 17 introduces OS verification functionality to help ensure device integrity. This feature helps "verify that your device is running an official, widely distributed build of the Android OS," protecting against modified or potentially compromised versions of the operating system. This verification process adds another layer of security by ensuring that the software running on the device has not been tampered with.

Android 17 also allows carriers to disable 2G by default, which helps "proactively shielding customers from legacy technology vulnerabilities in areas where 2G infrastructure is no longer maintained." As older network technologies become obsolete, they often lack the security updates and protections of newer standards. By allowing carriers to disable 2G, Google is helping protect users from vulnerabilities in outdated network infrastructure, ensuring that communications remain secure as technology evolves.

Verified Financial Calls

Google is working with select banks and financial institutions on verified financial calls that automatically end "phone calls from spoofed numbers impersonating participating financial apps." This innovative security feature addresses the growing problem of spoofed calls that attempt to impersonate legitimate financial institutions to trick users into revealing sensitive information.

The verification process works as follows: When you receive a call that appears to be from your bank or financial institution, Android asks the app for confirmation to see if they are actually calling you. If the app confirms that no phone call is being made, the system ends the call. Additionally, financial institutions may designate numbers as inbound-only, meaning they never use them to call customers. Incoming calls from these numbers will be ended directly. This feature will be available for customers of Revolut, Itaú, and Nubank on Android 11+ phones in the coming weeks, with wider availability expected later this year.