Google Now Requires Android OEMs to Provide Secure Factory Reset Feature

With the latest version of its mobile operating system Android 6.0 Marshmallow, Google has taken several major steps to bring uniformity and consistency, apart from bolstering security across the millions of devices that run its software. We’re now learning about two more such additions.

Google is making it mandatory for OEMs that are using – or intend to use – Android 6.0 Marshmallow to provide the secure factory reset feature. Surprising as it may sound, until now Google hadn’t defined how it wants its partners to handle factory resets. This, as you may realise, poses a security threat if an OEM failed to program its approach to factory reset correctly, as seems to be the case with Samsung’s Galaxy Note 5.

But moving forward, companies will have to abide by Google’s rules. In its compatibility document, it directed the following. “Devices MUST provide users with a mechanism to perform a ‘Factory Data Reset’ that allows logical and physical deletion of all data. This MUST satisfy relevant industry standards for data deletion such as NIST SP800-88 […] Devices MAY provide a fast data wipe that conducts a logical data erase.”

The other direction is interesting, too. Google now requires OEMs to use high-quality sensors that “meet all the requirements” and are implemented correctly. Going more technical, the sensors are required to “identify the support through the android.hardware.sensor.hifi_sensors feature flag.”

Among other changes, as previously reported, Google also requires its OEMs to offer full-disk encryption enabled by default, and use a predefined set of instructions for the fingerprint sensors on the devices. Google now also closely watches how the pre-installed apps access certain protected features.