Android Developers Blog

What’s new in WebView security

22 June 2017

Posted by Xiaowen Xin and Renu Chaudhary, Android Security Team The processing of external and untrusted content is often one of the most important functions of an app. A newsreader shows the top news articles and a shopping app displays the catalog of items for sale. This comes with associated risks as the processing of untrusted content is also one of the main ways that an attacker can compromise your app, i.e. by passing you malformed content. Many apps handle untrusted content using WebView, and we've made many improvements in Android over the years to protect it and your app against compromise. With Android Lollipop, we started delivering WebView as an independent APK, updated every six weeks from the Play store, so that we can get important fixes to users quickly. With the newest WebView, we've added a couple more important security enhancements. Isolating the renderer process in Android O Starting with Android O, WebView will have the renderer running in an isolated process separate from the host app, taking advantage of the isolation between processes provided by Android that has been available for other applications.

Similar to Chrome, WebView now provides two levels of isolation:

The rendering engine has been split into a separate process. This insulates the host app from bugs or crashes in the renderer process and makes it harder for a malicious website that can exploit the renderer to then exploit the host app.

To further contain it, the renderer process is run within an isolated process sandbox that restricts it to a limited set of resources. For example, the rendering engine cannot write to disk or talk to the network on its own.

It is also bound to the same seccomp filter (blogpost on seccomp is coming soon) as used by Chrome on Android. The seccomp filter reduces the number of system calls the renderer process can access and also restricts the allowed arguments to the system calls.

Incorporating Safe Browsing The newest version of WebView incorporates Google's Safe Browsing protections to detect and warn users about potentially dangerous sites.. When correctly configured, WebView checks URLs against Safe Browsing's malware and phishing database and displays a warning message before users visit a dangerous site. On Chrome, this helpful information is displayed more than 250 million times a month, and now it's available in WebView on Android. Enabling Safe Browsing To enable Safe Browsing for all WebViews in your app, add in a manifest tag: <manifest> <meta-data android:name="android.webkit.WebView.EnableSafeBrowsing" android:value="true" /> . . . <application> . . . </application> </manifest> Because WebView is distributed as a separate APK, Safe Browsing for WebView is available today for devices running Android 5.0 and above. With just one added line in your manifest, you can update your app and improve security for most of your users immediately. .blogimage img { width: 100%; border: 0; margin: 0; padding: 0; } .floatimage img { float: right; width: 45%; }

Ending support for Android Market on Android 2.1 and lower

20 June 2017

Posted by Maximilian Ruppaner, Software Engineer on Google Play On June 30, 2017, Google will be ending support for the Android Market app on Android 2.1 Eclair and older devices. When this change happens, users on these devices will no longer be able to access, or install other apps from, the Android Market. The change will happen without a notification on the device, due to technical restrictions in the original Android Market app. It has been 7 years since Android 2.1 Eclair launched. Most app developers are no longer supporting these Android versions in their apps given these devices now account for only a small number of installs. We will still be supporting later versions of Android Market for as long as feasible. Google Play, the replacement for Android Market, is available on Android 2.2 and above.

Semantic Time support now available on the Awareness APIs

16 June 2017

Posted by Ritesh Nayak M, Product Manager

Last year at I/O we launched the Awareness API, a simple yet powerful API that let developers use signals such as Location, Weather, Time and User Activity to build contextually relevant app experiences. Available via Google Play services, the Awareness API offers two ways to take advantage of context signals within your app. The Snapshot API lets your app request information about the user's current context, while the Fence API lets your app react to changes in user's context, and when it matches a certain set of conditions. For example, "tell me whenever the user is walking and their headphone is plugged in". Until now, you could specify a time fence on the Awareness APIs but were restricted to using absolute/canonical representation of time. Based on developer feedback, we realized that the flexibility of the API in regards to building time fences did not support higher level abstractions people use when they think and talk about time. "This weekend", "on the next holiday", "after sunset", are all very common and colloquial ways of expressing time. That's why we're adding Semantic time support to these APIs starting today For e.g., if you were building a fitness app and wanted a way to prompt users everyday morning to start their routine, or if you're a reading app that wants to turn on night mode after dusk; you would have to query a 3p API for sunrise/sunset information at the user location and then write up an Awareness fence with those canonical time values. With our latest update, you can use our TIME_INSTANT_SUNRISE and TIME_INSTANT_SUNSET constants and let the platform manage all the complexity for you. Let's look at an example. Suppose you're building a fitness app which prompts users on Tuesday, and Thursday around sunrise to begin their morning work out. You can set up this triggering using the following lines of code. // A sun-state-based fence that is TRUE only on Tuesday and Thursday during Sunrise AwarenessFence.and( TimeFence.aroundTimeInstant(TimeFence.TIME_INSTANT_SUNRISE, -10 * ONE_MINUTE_MILLIS, 5 * ONE_MINUTE_MILLIS), AwarenessFence.or( TimeFence.inIntervalOfDay(TimeFence.DAY_OF_WEEK_TUESDAY, 0, ONE_DAY_MILLIS), TimeFence.inIntervalOfDay(TimeFence.DAY_OF_WEEK_THURSDAY, 0, ONE_DAY_MILLIS))); One of our favorite semantic time features is public holidays. Every country and regions within it have different holidays. Assume you were a local hiking & adventure app that wants to show users activities they can indulge in on a holiday that falls on a Friday or a Monday. You can use a combination of Days and Holiday flags to identify this state for all your users around the world. You can do this with just 3 lines of code and have this work in any part of the world. // A local-time fence that is TRUE only on public holidays in the // device locale that fall on Fridays or Mondays. AwarenessFence.and( TimeFence.inTimeInterval(TimeFence.TIME_INTERVAL_HOLIDAY), AwarenessFence.or( TimeFence.inIntervalOfDay(TimeFence.DAY_OF_WEEK_FRIDAY, 9 * ONE_HOUR_MILLIS, 11 * ONE_HOUR_MILLIS), TimeFence.inIntervalOfDay(TimeFence.DAY_OF_WEEK_MONDAY, 9 * ONE_HOUR_MILLIS, 11 * ONE_HOUR_MILLIS))); In both example cases, Awareness does the heavy lifting of localizing time and holidays based on the device locale settings. We're excited to see what problems you'll solve using this powerful API. Please join our mailing list to get updates about this and other Context APIs at Google. .blogimage img { width: 100%; }

Android Things Developer Preview 4.1

15 June 2017

Posted by Wayne Piekarski, Developer Advocate for IoT Today, we're releasing a new Developer Preview 4.1 (DP4.1) of Android Things, with updates for new supported hardware and bug fixes to the platform. Android Things is Google's platform to enable Android Developers to create Internet of Things (IoT) devices, and seamlessly scale from prototype to production. New hardware A new Pico i.MX6UL revision B board has been released, which supports many common external peripherals from partners such as Adafruit and Pimoroni. There were some prototype Pico i.MX6UL boards made available to some early beta testers, and these are not compatible with DP4.1. Improvements DP4.1 also includes some performance improvements since DP4, such as boot time optimizations that improve the startup time of i.MX7D based hardware. This Developer Preview also includes a version of Google Play Services, specifically optimized for IoT devices. This new IoT variant is a lot smaller and optimized for use with Android Things, and requires the use of play-services 11.0.0 or later in your build.gradle. For more information about the supported features in the IoT variant of Google Play Services, see the information page. Google I/O Android Things had a large presence at Google I/O this year, with 7 talks covering different aspects of Android Things for developers, and these are available as videos in a playlist for those who could not attend:

What’s New In Google’s IoT Platform? Ubiquitous Computing at Google

Bringing Device Production to Everyone With Android Things

From Prototype to Production Devices with Android Things

Developing for Android Things Using Android Studio

Security for IoT on Android Things

Using Google Cloud and TensorFlow on Android Things

Building for Enterprise IoT Using Android Things and Google Cloud Platform

Google I/O also had a codelab area, where attendees could sit down and test out Android Things development with some simple guided training guides. These codelabs are available for anyone to try at https://codelabs.developers.google.com/?cat=IoT Feedback Thank you to all the developers who submitted feedback for the previous developer previews. Please continue sending us your feedback by filing bug reports and feature requests, and asking any questions on stackoverflow. To download images for DP4.1, visit the Android Things download page and find the changes in the release notes. You can also join Google's IoT Developers Community on Google+, a great resource to get updates and discuss ideas, with over 5,600 members. .parent { display: flex; justify-content: space-around; align-items: center; width: 100% flex-wrap: wrap; } .child1 { width: 30%; display: flex; justify-content: center; align-items: center; } .child1 img { object-fit: contain; width: 150px; margin: 0; border: 0; padding: 0; } .child2 { width: 70%; text-align: left; padding: 0 0 0 5px; }

Reduce friction with the new Location APIs

14 June 2017

Posted by Aaron Stacy, Software Engineer, Google Play services The 11.0.0 release of the Google Play services SDK includes a new way to access LocationServices. The new APIs do not require your app to manually manage a connection to Google Play services through a GoogleApiClient. This reduces boilerplate and common pitfalls in your app. Read more below, or head straight to the updated location samples on GitHub. Why not use GoogleApiClient? The LocationServices APIs allow you to access device location, set up geofences, prompt the user to enable location on the device and more. In order to access these services, the app must connect to Google Play services, which can involve error-prone connection logic. For example, can you spot the crash in the app below? Note: we'll assume our app has the ACCESS_FINE_LOCATION permission, which is required to get the user's exact location using the LocationServices APIs. public class MainActivity extends AppCompatActivity implements GoogleApiClient.OnConnectionFailedListener { @Override public void onCreate(@Nullable Bundle savedInstanceState) { super.onCreate(savedInstanceState); GoogleApiClient client = new GoogleApiClient.Builder(this) .enableAutoManage(this, this) .addApi(LocationServices.API) .build(); client.connect(); PendingResult result = LocationServices.FusedLocationApi.requestLocationUpdates( client, LocationRequest.create(), pendingIntent); result.setResultCallback(new ResultCallback() { @Override public void onResult(@NonNull Status status) { Log.d(TAG, "Result: " + status.getStatusMessage()); } }); } // ... } If you pointed to the requestLocationUpdates() call, you're right! That call throws an IllegalStateException, since the GoogleApiClient is has not yet connected. The call to connect() is asynchronous. While the code above looks like it should work, it's missing a ConnectionCallbacks argument to the GoogleApiClient builder. The call to request location updates should only be made after the onConnected callback has fired: public class MainActivity extends AppCompatActivity implements GoogleApiClient.OnConnectionFailedListener, GoogleApiClient.ConnectionCallbacks { private GoogleApiClient client; @Override protected void onCreate(@Nullable Bundle savedInstanceState) { super.onCreate(savedInstanceState); client = new GoogleApiClient.Builder(this) .enableAutoManage(this, this) .addApi(LocationServices.API) .addConnectionCallbacks(this) .build(); client.connect(); } @Override public void onConnected(@Nullable Bundle bundle) { PendingResult result = LocationServices.FusedLocationApi.requestLocationUpdates( client, LocationRequest.create(), pendingIntent); result.setResultCallback(new ResultCallback() { @Override public void onResult(@NonNull Status status) { Log.d(TAG, "Result: " + status.getStatusMessage()); } }); } // ... } Now the code works, but it's not ideal for a few reasons:

It would be hard to refactor into shared classes if, for instance, you wanted to access Location Services in multiple activities.

The app connects optimistically in onCreate even if Location Services are not needed until later (for example, after user input).

It does not handle the case where the app fails to connect to Google Play services.

There is a lot of boilerplate connection logic before getting started with location updates.

A better developer experience The new LocationServices APIs are much simpler and will make your code less error prone. The connection logic is handled automatically, and you only need to attach a single completion listener: public class MainActivity extends AppCompatActivity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); FusedLocationProviderClient client = LocationServices.getFusedLocationProviderClient(this); client.requestLocationUpdates(LocationRequest.create(), pendingIntent) .addOnCompleteListener(new OnCompleteListener() { @Override public void onComplete(@NonNull Task task) { Log.d("MainActivity", "Result: " + task.getResult()); } }); } } The new API immediately improves the code in a few ways:

The API calls automatically wait for the service connection to be established, which removes the need to wait for onConnected before making requests.

It uses the Task API which makes it easier to compose asynchronous operations.

The code is self-contained and could easily be moved into a shared utility class or similar.

You don't need to understand the underlying connection process to start coding.

What happened to all of the callbacks? The new API will automatically resolve certain connection failures for you, so you don't need to write code that for things like prompting the user to update Google Play services. Rather than exposing connection failures globally in the onConnectionFailed method, connection problems will fail the Task with an ApiException: client.requestLocationUpdates(LocationRequest.create(), pendingIntent) .addOnFailureListener(new OnFailureListener() { @Override public void onFailure(@NonNull Exception e) { if (e instanceof ApiException) { Log.w(TAG, ((ApiException) e).getStatusMessage()); } else { Log.w(TAG, e.getMessage()); } } });Try it for yourself Try the new LocationServices APIs out for yourself in your own app or head over to the android-play-location samples on GitHub and see more examples of how the new clients reduce boilerplate and simplify logic.

Recognizing Android Excellence on Google Play

13 June 2017

Posted by Kacey Fahey, Developer Marketing, Google Play

Every day developers around the world are hard at work creating high quality apps and games on Android. Striving to deliver amazing experiences for an ever growing diverse user base, we've seen a significant increase in the level of polish and quality of apps and games on Google Play. As part of our efforts to recognize this content on the Play Store, today we're launching Android Excellence. The new collections will showcase apps and games that deliver incredible user experiences on Android, use many of our best practices, and have great design, technical performance, localization, and device optimization. Android Excellence collections will refresh quarterly and can be found within the revamped Editors' Choice section of the Play Store – which includes app and game reviews curated by our editorial team. Congrats to our first group of Android Excellence apps and games!

Android Excellence Apps

Android Excellence Games

AliExpress by Alibaba Mobile

B&H Photo Video by B&H Photo Video

Citymapper by Citymapper Limited

Drivvo by Drivvo

drupe by drupe

Evernote by Evernote Corporation

HotelTonight by HotelTonight

Kitchen Stories by Kitchen Stories

Komoot by komoot GmbH

Lifesum by Lifesum

Memrise by Memrise

Pocket by Read It Later

Runtastic Running & Fitness by Runtastic

Skyscanner by Skyscanner Ltd

Sleep as Android by Urbandroid Team

Vivino by Vivino

After the End Forsaken Destiny by NEXON M Inc.

CATS: Crash Arena Turbo Stars by ZeptoLab

Golf Clash by Playdemic

Hitman GO Square Enix Ltd

Horizon Chase by Aquiris Game Studio S.A

Kill Shot Bravo by Hothead Games

Lineage Red Knights by NCSOFT Corporation

Nonstop Knight by flaregames

PAC-MAN 256 - Endless Maze by Bandai Namco Entertainment Europe

Pictionary™ by Etermax

Reigns by DevolverDigital

Riptide GP: Renegade by Vector Unit

Star Wars™: Galaxy of Heroes by Electronic Arts

Titan Brawl by Omnidrone

Toca Blocks by Toca Boca

Transformers: Forged to Fight by Kabam

Stay up-to-date on best practices to succeed on Play and get the latest news and videos with the new beta version of our Playbook app for developers. How useful did you find this blogpost? ★ ★ ★ ★ ★

.blogimage img { float: right; margin: 0; padding: 0; border: 0; width: 40%; } table { border-collapse: collapse; border-spacing: 0; width: 100%; } th { text-align: left; padding: 8px; text-align: left; vertical-align: middle; width: 50%; font-size: 125%; } td { text-align: left; padding: 8px; vertical-align: top; width: 50%; } .note { text-align: center; margin: 0; padding: 0; font-size: 75%; } .playlogo img { display: block; margin: auto; width: 40%; }

Money made easily with the new Google Play Billing Library

12 June 2017

Posted by Neto Marin, Developer Advocate Many developers want to make money through their apps, but it's not always easy to deal with all the different types of payment methods. We launched the Google Play In-app Billing API v3 in 2013, helping developers offer in-app products and subscriptions within their apps. Year after year, we've added features to the API, like subscription renewal, upgrades and downgrades, free trials, introductory pricing, promotion codes, and more. Based on your feedback, we’re pleased to announce the Play Billing Library - Developer Preview 1. This library aims to simplify the development process when it comes to billing, allowing you to focus your efforts on implementing logic specific to your app, such as application architecture and navigation structure. The library includes several convenient classes and features for you to use when integrating your Android apps with the In-app Billing API. The library also provides an abstraction layer on top of the Android Interface Definition Language (AIDL) service, making it easier for you to define the interface between your app and the In-app Billing API. Easy to get started and easy to use Starting with Play Billing Library Developer Preview release, the minimum supported API level is Android 2.2 (API level 8), and the minimum supported In-app Billing API is version 3. In-app billing relies on the Google Play Store, which handles the communication between your app and Google's Play billing service. To use Google Play billing features, your app must request the

com.android.vending.BILLING

permission in your AndroidManifest.xml file. To use the library, add the following dependency in your build.gradle file: dependencies { ... compile 'com.android.billingclient:billing:dp-1' } After this quick setup process, you're ready to start using the Play Billing Library in your app and can connect to the In-app Billing API, query for available products, start the purchase flow, and more. Sample updated: Trivial Drive V2 With a new library comes a refreshed sample! To help you to understand how to implement in-app billing in your app using the new Play Billing Library, we've rewritten the Trivial Drive sample from the ground up. Since we released Trivial Drive back in 2013, many new features, devices, and platforms have been added to the Android ecosystem. To reflect this evolution, the Trivial Drive v2 sample now runs on Android TV and Android Wear. Give it a try! Before integrating within your app, you can try the Play Billing Library with the codelab published during Google I/O 2017: Buy and Subscribe: Monetize your app on Google Play. In this codelab, you will start with a simplified version of Trivial Drive V2 that lets users to "drive" and then you will add in-app billing to it. You'll learn how to integrate purchases and subscriptions as well as the best practices for developing reliable apps that handle purchases. If you are looking for a step-by-step guide about how to sell in-app products from your app using the Play Billing Library, check out our new training class, explaining how to prepare your application, add products for purchase, start purchase flow and much more. We want your feedback We look forward to hearing your feedback about this new library. Visit the Play Billing Library site, the library reference, and the new version of the Trivial Drive sample. If you have issues or questions, file a bug report on the Google Issue Tracker, and for issues and suggestions on the sample, contact us on the Trivial Drive issues page. For technical questions on implementation, library usage, and best practices, you can use the tags google-play and play-billing-library on Stackoverflow or visit the community pages on our Google+ page.

Developers Blog