A toggle will make it possible to require encryption for phone calls and SMS
The first stable release of Android 14 is almost here, with a launch slated for sometime after July 2023. Ahead of that, Google is drumming up some more excitement around the new Android version with a security-focused announcement. After the company already introduced an option to turn off potentially insecure 2G connections two years ago with Android 12, Google is adding further measures to combat mobile connectivity attacks that leverage poor encryption standards for phone calls and SMS messages.
On the Google Pixel 6 and newer, Android 12 introduced an “Allow 2G” toggle in the system settings for your mobile internet connection. In a blog post, Google announces that Android 14 will add one more entry in this section, likely right below the toggle mentioned: “Require encryption.” According to a currently available draft, the description for this toggle will read “Encryption is more secure, but you might not be able to connect in some locations. For emergency calls, encryption is never required.”
Google explains that it’s adding this toggle because it’s impossible for end users to tell whether their call and SMS transmissions are properly encrypted. According to a report cited by the company, many networks use co-called “null ciphers,” which make it easy for other actors to intercept SMS and calls over the air. These null ciphers, which basically don’t offer any protection from interception, are usually only meant for testing or debugging, for emergency calls on devices without an active SIM card, and as a fallback if a phone isn’t compatible with more modern cellular encryption standards. The report makes clear that many networks are misconfigured to always use null ciphers, though.
That’s where the new toggle comes into play. It doesn’t accept null-ciphered connections, meaning that you can be certain that your calls and SMS messages will become harder to intercept. This is particularly relevant when you receive one-time passwords via SMS, but it’s also an added peace of mind and offers more privacy for any conversations you have. Like the 2G toggle, you will have to enable it explicitly in settings, as it will likely make your experience more limited in some circumstances.
It’s unclear if the toggle is coming to devices that are currently on sale already, given that it’s a change to one of the core connectors between Android and the underlying hardware, the Hardware Abstraction Layer (HAL). The draft Google cites notes that hardware upgrades are “probably” required, and the company’s blog post says: “We expect this new connectivity security feature to be available in more devices over the next few years as it is adopted by Android OEMs.” With the 2G toggle, a hardware upgrade was required, hence it only became available on the Pixel 6 and newer after Android 12 launched. Thus, it’s possible that this toggle will come to the upcoming Google Pixel 8 series first.
In another change, enterprises will finally be able to make use of the aforementioned 2G toggle. Android Enterprise will make it possible to force-disable 2G connections for all deployed devices, in addition to the existing options like Wi-Fi, Bluetooth, and USB data connections. With this, enterprise customers can benefit from the same security improvements that make it harder for person-in-the-middle attacks that pose as fake 2G towers and get some protection from stingray tracking.
Manuel Vonau is Android Police’s Google Editor, with expertise in Android, Chrome, and other Google products — the very core of Android Police’s content. He has been covering tech news and reviewing devices since joining Android Police as a news writer in 2019. He lives in Berlin, Germany.
Manuel studied Media and Culture studies in Düsseldorf, finishing his university career with a master’s thesis titled “The Aesthetics of Tech YouTube Channels: Production of Proximity and Authenticity.” His background gives him a unique perspective on the ever-evolving world of technology and its implications on society. He isn’t shy to dig into technical backgrounds and the nitty-gritty developer details, either.
Manuel’s first steps into the Android world were plagued by issues. After his HTC One S refused to connect to mobile internet despite three warranty repairs, he quickly switched to a Nexus 4, which he considers his true first Android phone. Since then, he has mostly been faithful to the Google phone lineup, though these days, he is also carrying an iPhone in addition to his Pixel phone. This helps him gain perspective on the mobile industry at large and gives him multiple points of reference in his coverage.
Outside of work, Manuel enjoys a good film or TV show, loves to travel, and you will find him roaming one of Berlin’s many museums, cafés, cinemas, and restaurants occasionally.