Google wants Android to have voting-level security according to statements made at the company’s I/O 2018 developer conference during a session on What’s New With Android. During the session Google unveiled that it’s working on a new set of security protocols and technology that it already has a few different partners for, including the Royal Bank of Canada, Duo Security, and Bigfoot Medical. The new tech is being called Android Protection Confirmation, and as the name suggests it would end up requiring a confirmation from the user, but on a two-pronged front before an action can be completed.
First, the phone would enter into a Trusted Execution Environment and ask the user to confirm that they want to complete the action that was requested. Once confirmed, a second confirmation would be required that would consist of pressing a hardware key on the device. Which hardware key could change based on the device since each phone is different but as all phones have a physical power button this would be the likely hardware key used for all devices. In a sense, it’s kind of like two-factor authentication as any actions taken that are desired to be completed would need two confirmations to finish. This is all happening while the TEE has control of the phone’s display until both confirmations come through.
Google doesn’t specifically mention that this would be used for allowing voting to take place via Android smartphones, but it does appear to be suggested as a possible use case, among other things like financial transactions, hence the Royal Bank of Canada being one of Google’s first partners for this technology moving forward. All of this is supposed to be included with Android P which is Google’s next version of the Android operating system, so while it may not allow people to vote, Android P will be adding a new level of security that Android has yet to offer, and should make people less wary of doing things like online banking from their phones.
