Android 15 we just started to get to know it with the first Developer Preview distributed by Google. In addition to the news that we have already glimpsed, a new feature seems to be on the way safety for the protection of OTPs.
When we talk about OTP we mean the One Time Passwordwhich are the codes that you receive every time you try to log in to a protected account from two-step authentication and which can be used once. It seems that Google wants to secure these OTPs with the next version of Android.
Android Authority analyzed the code of Android 14 QPR3 Beta 1 detecting a new feature that would limit access at sensitive notifications. APIs are currently available on Android that can provide access to notifications to apps installed on smartphones, subject to authorization from users.
Access to notifications it is not to be taken lightly. Even the codes OTP they are contained in notifications, for example when they are received via SMS or email.
Therefore, Google seems intent on limiting access to notifications only to certified apps, or even only to apps released by the manufacturer.
This could mean that the third-party apps will not be able to log into to sensitive notifications with upcoming Android versions. When we talk about sensitive notifications we mean all those notifications that could contain information that puts the user at risk safety of user data, in case they fall into wrong hands.
The hypothesis therefore is that Google intends to limit access to sensitive notifications, such as those that include OTPs, precisely to protect users from any malware which actually have the goal of stealing sensitive information. Currently this feature is not used in Android 14, and for this reason we expect to see it with Android 15.
