Android OEMs to Provide Secure Factory Reset Feature – Google

With the latest version of its mobile OS, Android 6.0 Marshmallow, Google has been taking precautions and measures to bring uniformity and consistency, apart from reinforcing security across the millions of devices running on its software.

Google is making it compulsory for OEMs that are using – or are going to use – Android Marshmallow, to provide the secure factory reset feature. Surprising as it is, Google hadn’t determined how it wants it partners to manage the factory resets, until now. As you realize, this poses a security problem if an OEM, for instance, failed to program correctly its approach to factory reset.

Android Marshmallow 6.0

But from this moment on, companies will have to live by Google’s rules. In its compatibility document, it stated the following:

“Devices MUST provide users with a mechanism to perform a ‘Factory Data Reset’ that allows logical and physical deletion of all data. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88 […] Devices MAY provide a fast data wipe that conducts a logical data erase.”

The other side of the coin is quite intriguing as well. Google now asks OEMs to use high-quality sensors that “meet all the requirements” and are handled accordingly. Technically, the sensors have to “identify the support through the  android.hardware.sensor.hifi_sensors feature flag.”

Among other changes, Google also requires its OEMs to offer full-disk encryption enabled by default, and use a predefined set of instructions for all the fingerprint sensors ondevices. Google is now following how the pre-installed apps access some of the protected features.