Android Pie cloud backups are now encrypted with user’s lock screen passwords


Android Pie

Google Android 9.0 Pie changes the way backups are stored in a way that even Google can’t read the data. It is known that Google automatically backs up data like SMS, messages on Pixel phones to the cloud so if you wipe your device you can restore them back again.

Now, in the company’s security blog, Google revealed that “devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client.” This key is based on the user’s lock screen password, which isn’t known by Google. Post which the data is stored on a Titan security module on Google’s servers which permanently blocks access after too many failed attempts.

Google even hired NCC group to perform a full audit to ensure the new backup method is fully secure. Though the agency discovered a few issues, Google says the problems were quickly fixed. However, it is not clear which phones can use this new backup functionality but Android 9.0 Pie is one of the requirements.

Source