A new E2eeContactKeysManager API was introduced in the first beta of Android 15 and is supposed to make end-to-end encryption (E2EE) in Android apps easier by offering an “OS-level API for the storage of cryptographic public keys.” According to Google, the purpose of the API is to allow users to have a “centralized way to manage and verify their contact’s public keys” by integrating it with the “platform contacts app.” A new report suggests that Android 15 may bring an Apple-like ‘Contact Keys’ feature. This add-on will probably boost security on many apps.
Android 15 likely to bring an iOS-like Contact Keys feature
The Contact Keys functionality will be handled by Google Play Services, even though Android 15 introduced the API. In the most recent Google Play Services beta, we’ve noticed some new activities and strings that hint at the functionality of the feature.
To begin with, we have identified three activities in Play Services: one for QR code scanning, one for showing the code, and one for onboarding.
The Google Contacts app will be the primary source of information for the Contact Keys functionality’s user interface. To confirm that every E2E application on the other person’s Google Contacts app is encrypted, users can scan the QR code on the app. Alternatively, the texts indicate that you might compare the app-specific integers to confirm the encryption state.
Follow SamVogue on Twitter/X now!
A similar feature is available in iOS from Apple and was first introduced in iOS 17.2. It is called Contact Key Verification. You can set up automatic notifications with Contact Key Verification to help ensure that you are speaking with the individuals you intend to speak with. Verify the encryption status to ensure that no sophisticated cyberattack is targeted at you, so you can relax.
Apple’s security blog post discusses Contact Key Verification in further detail if you’re interested in learning more. We anticipate that Google’s Contact Keys will follow suit, albeit more slowly. Unlike iMessage Contact Key Verification, the strings don’t show that any automated messages are being delivered. Although this might improve in the future, it’s certainly a positive start in the right direction right now.
Do you like this post? Kindly, let us know on X/Twitter: we love hearing your feedback! If you prefer using other social platforms besides X, follow/join us on Facebook Telegram, Instagram, and YouTube.