Protection Confirmation API
A Protection Confirmation API will be present in all devices running Android P. With this API, apps can use the ConfirmationPrompt class to show a confirmation pop-up and ask the user to approve a specific action, such as a sensitive transaction or a bill payment.
After confirmation, the app receives a cryptographic signature that is generated in the Trusted Execution Environment (TEE) and protected by a keyed-hash message authentication code (HMAC). This mechanism ensures that the dialog box is displayed correctly and protects the user's input data, which is one aspect of the security enhancement.
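A minimal use of the ConfirmationPrompt flow described above, as an added example that is not from the original page or from Android's own samples. The class name ConfirmedPayment, the key alias and the Result interface are hypothetical, and it assumes API level 28 and a nonce supplied by the app's server.

```java
import android.content.Context;
import android.security.ConfirmationCallback;
import android.security.ConfirmationPrompt;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;

public final class ConfirmedPayment {
    private static final String ALIAS = "confirm_key"; // hypothetical key alias
    public interface Result { void done(byte[] confirmedData, byte[] signature); }

    // Create a signing key that the keystore only uses on data the user confirmed.
    public static void createKey(byte[] serverNonce) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
        kpg.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setUserConfirmationRequired(true)    // refuse to sign unconfirmed data
                .setAttestationChallenge(serverNonce) // lets the server check key properties
                .build());
        kpg.generateKeyPair();
    }

    // extra should carry a per-transaction server nonce so a signature cannot be replayed.
    public static void confirm(Context ctx, String text, byte[] extra, Result out)
            throws Exception {
        if (!ConfirmationPrompt.isSupported(ctx)) {
            throw new UnsupportedOperationException("confirmation prompt unavailable");
        }
        new ConfirmationPrompt.Builder(ctx).setPromptText(text).setExtraData(extra).build()
            .presentPrompt(ctx.getMainExecutor(), new ConfirmationCallback() {
                @Override public void onConfirmed(byte[] dataThatWasConfirmed) {
                    try {
                        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
                        ks.load(null);
                        Signature s = Signature.getInstance("SHA256withECDSA");
                        s.initSign((PrivateKey) ks.getKey(ALIAS, null));
                        s.update(dataThatWasConfirmed); // prompt text plus extra data
                        out.done(dataThatWasConfirmed, s.sign());
                    } catch (Exception e) { onError(e); }
                }
                @Override public void onDismissed() { /* user declined: send nothing */ }
                @Override public void onCanceled() { /* app canceled the prompt */ }
                @Override public void onError(Throwable e) { /* treat as not confirmed */ }
            });
    }
}
```

The server should verify the signature over the returned data and check that the prompt text and nonce inside it match the transaction it issued.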
Hardware Security Module
This additional update is something that every user will benefit from: devices with Android P installed will support a feature called StrongBox Keymaster, a module with its own CPU, a secure storage area, and a true random number generator that also protects the app's packets from being tampered with.
To support StrongBox Keymaster, Android P uses a subset of the original encryption algorithms and key sizes, e.g. AES 128 and 256.
Background access policy for peripheral devices
In Android P, an app running in the background will not have direct access to the device's microphone, camera, and sensors. When the app tries to access these components in the background, the user will receive a notification message. If the app tries to access component data in the background, the system will return blank audio data, disconnect the camera, and stop all sensors from returning data.
Backup data encryption
Starting with Android P, the system will use a client-side method to encrypt the user's backup data, which means that the entire encryption process will be done on the client device. Prior to this, the encryption was done on the server side.
Due to the introduction of the new policy, users will need to enter a device PIN or graphical unlock code, or rely on biometrics, when restoring backup files.