Updated on October 18 with a major change to Android 15 security settings for Pixel owners and a leaked list of Samsung Galaxy phones due the Android 15 upgrade.
“Today, Android 15 starts rolling out to Pixel devices,” Google announced on Tuesday, heralding updates including “security features that help keep your sensitive health, financial and personal information protected from theft and fraud.” Android’s new private space hides sensitive apps from sight, while those off-grid may be able to add satellite messaging to their devices. There is also new theft protection in this release, “using AI to help keep your data safe—if your phone senses someone has snatched it and is trying to run, bike or drive away, it will automatically lock your device.”
But one of Android 15’s most exciting new security features is MIA—one we expected to see, at the very least given that the new Pixel 9s was released long after Android 15’s new features were made public. “I don’t know how they don’t support this feature,” posted one typical Redditor. “They knew it was coming you think the [Pixel] 9 would support it at least.” But it doesn’t. And it turns out the only reason we expected it to have been released is down to an awkward beta update mistake by Google.
We’re talking Google’s unique new Mobile Network Security, announced at I/O and then teased in a settings page discovered in Android 15 beta releases made available to Pixels. “We’re adding new advanced cellular protections in Android 15m” Google explained at I/O, “to defend against abuse by criminals using cell site simulators to snoop on users or send them SMS-based fraud messages.”
This includes two features—Cellular Cipher Transparency and Identifier Disclosure Transparency. The first warns when a cellular network is unencrypted, “potentially exposing voice and SMS traffic to radio interception, and potentially visible to others” and helping to protect against the new surge in SMS blaster attacks. The second warns if phone identifiers are being polled by potentially fraudulent networks to tracking users, which Google says will “help at risk-users like journalists or dissidents.”
Delivering this new security is complex. It requires upgraded modem technology working in tandem with device firmware to enable the OS to interact with the network facing side of the modem, delivering types of warnings that have not been generally available until now. Users with the right settings can disable 2G network connectivity, which resolves basic encryption issues, but the network polling and more advanced encryption safeguards are not yet available.
Google disclosed when it announced Mobile Network Security that “these features require device OEM integration and compatible hardware” explain that “we are working with the Android ecosystem to bring these features to users. We expect OEM adoption to progress over the next couple of years.” But then the settings page turned up in the Android 15 beta and it was assumed the stable release would follow. Obviously this was just a settings page, not the actual functionality, which is why the Pixel 9 was assumed to be the first device out the traps with this working. But it isn’t. It seems confirmed that this was a mistake in the beta update—a settings page exposed that should have remained hidden. That said, it could just as easily have been hardware integration that did not complete to schedule, leading to the new feature being dropped. Either way, it’s not there.
As first reported by Android Authority, “Android 15’s new cellular security features are missing on Pixel phones… We’ve confirmed that no current Pixel phones support Android 15’s new cellular security features.” This is a real shame as it was a genuine Google innovation, and one that took a lead over current iPhone capabilities. “Given that these features appeared available to Pixel users during the Android 15 beta, it would seem reasonable to assume that Pixel phones support them. That’s not actually the case, as it turns out, as the visibility of the ‘mobile network security’ settings page on Pixel phones was just a mistake.”
Android Headlines agrees, reporting that “apparently, the visibility of the ‘cellular network security’ settings page on Pixel phones was just an error from the beginning. With even just released Pixel 9s not having the hardware to run this features as yet, it begs the question as to why it was publicly announced as an Android 15 feature, prompting multiple media write-ups ahead of the Pixel 9 launch. The current narrative suggests Android 16 could turn up before device hardware capable of running this Android 15 update—all a bit pointless.
“Considering the update’s focus on security and privacy with Private Space, Remote Lock, and Theft Detection,” Android Police has since commented, “we’d have expected the previously leaked cellular security upgrades to make their way to the stable release, though that doesn’t appear to be the case… Unfortunately, despite being a part of Android 15’s source code, these cellular security features are unavailable to use. Their initial appearance in beta did stir speculation about support, especially in the then unreleased Pixel 9 series, though that isn’t the case.”
What is unknown is whether Pixel 9 hardware supports such integration with firmware updates or the platform itself cannot be upgraded, in which case users will need to buy new phones in order to receive the feature. As one comment under Android Police’s article warns, “the optimist in me hopes that by ‘hardware support’ they really mean ‘driver support’. The pragmatist knows that’s likely not the case.”
Similarly, I have confirmed there’s no news yet on the timing for the potentially excellent Live Threat Detection, which will use AI to monitor app behaviors on-device to flag risks as early as possible and provide users an option to disable or delete apps that may threaten their devices and data. Google has said this is coming later this year, with “the detection of suspicious behavior done on device in a privacy preserving way through Private Compute Core, which allows us to protect users without collecting data.” This can’t come soon enough—so watch this space.
This new cellular network defense will be especially useful to users concerned about the risk of tracking and interception. They defend against rogue networks repeatedly pinging their phones for identifiers, and against the risk that a phone can be knocked off a genuine cellular network onto a local, fraudulent base station running limited encryption (if any), leaving the phone open to attack.
Such rogue networks use hardware to trick phones into thinking they are connecting to legitimate, public cellular base stations. They work locally by presenting a strong signal to devices searching for cell towers nearby. Once the phone switches over, the rogue network receives its traffic. Where that traffic is fully encrypted, it remains secure. But if the rogue network can lower the encryption threshold, that changes and traffic is also open to interception.
If your phone allows to you disable 2G networks, this protects you from the most widely accessible versions of this threat. But Samsung, notably, does not offer a universal 2G toggle across its devices—it has been criticized in the past for not enabling this kind of network level security, and so for Pixel users it not only seemed a step up on iPhones but on Samsungs as well. Ironically, the modem on the Pixel 9 that needs to be updated to deliver this new functionality comes from Samsung, which has raised some online questions as to whether this OEM supply chain has caused the delay.
To be fair to Google, it hasn’t missed a release date nor did it confirm that cellular security would be available with Android 15’s first release or with Pixel 9s. It did caveat its I/O announcement by saying the new security “requires device OEM integration and compatible hardware… we are working with the Android ecosystem to bring these features to users [and] expect OEM adoption to progress over the next couple of years.” But we took that to mean other Android OEMs, not Pixels. We don’t know if there’s work underway to update current hardware. As Android Authority says, “hopefully these new cellular security features will actually make their way to some Android devices in the near future.”
While cellular security might be later than expected to the party, the security and privacy innovations that have made their way into this initial Android 15 release are most welcome. The current headline grabber is clearly theft protection, which could help drive down the scourge of phone thefts once and for all—at least it will be a start.
And there’s some good new news for users keen to benefit from the protection. As reported by Android Authority, “theft protection is a set of tools that lock your phone when it’s been stolen so thieves can’t get access to your data. You have to enable these new features manually, but thankfully, Google is rolling out an update that makes it easier to locate and enable controls for theft protection on Android.”
Until this new change, users have needed “to go to Settings, scroll down, tap Google, tap All services, scroll down, then finally tap Theft protection to open the menu,” But thankfully, “following a server-side update that’s rolling out now,” this has all been made much simpler. “You can find the Theft protection menu on Android by navigating to Settings > Security & privacy > Device unlock.”
According to Mishaal Rahman, writing in Android Authority, “we don’t know when exactly this new entry point first arrived, but it’s available on several of my devices already, including a Pixel 6a running Android 14, a Xiaomi 14T Pro running Android 14, and a Pixel 7 Pro running Android 15.”
Unsurprisingly, theft protection has really caught the imagination as it rolls out. Anyone living in a big city knows the increasing nervousness as phone snatchers on bikes and e-scooters prey on victims walking sidewalks. Where in the past this would have largely been people with a phone to their ear, increasingly it’s targeting those even walking or standing with phones in hand. And one can’t help but think that e-scooters with their speed and silence have made the situation much worse.
As Tom’s Guide puts it, “it’s easy to figure out why Google would be looking to boost theft protection in Android. Having our phones stolen can be massively traumatic, especially when you consider how much data we tend to keep on our devices. It isn’t unusual for people to have everything from precious photos to banking details stored on their phones. Google has been working to improve how we keep our devices safe, with an update available today (October 15) that introduces several new methods for protecting your phone, whether at the moment it’s stolen or before.”
Meanwhile, Google isn’t the only Android OEM with a controversial Android 15 decision on its hands. As disappointing as the lack of cellular security might be of to Pixel users, the situation for Samsung users is much worse.
Just ahead of the Android 15 stable release for millions of Pixel devices, we had confirmation that Samsung’s One UI 7 would not be released until next year, likely timed for the Galaxy S25 series. Even the beta—which had been expected to be available by now—isn’t expected until late in the calendar year.
As SamMobile has just explained, “Samsung usually opens the One UI Beta Program in the third quarter of every year, but the company missed that time frame this year. The company was expected to open the One UI 7.0 Beta Program at the end of July, but it was delayed multiple times, and it has still not started. However, the company announced that the One UI 7.0 Beta Program would be opened before the end of this year. The stable version should be out at the start of next year,” adding that “Samsung is taking its own time to release the One UI 7.0 beta update because it is a major UI revamp, and the company wants everything to be smooth and stable before it opens up the beta program.” The “start” of next year might be optimistic—but we will see.
What we don’t know yet is quite which of the new security and privacy upgrades included in the Android 15 OS will make their way into Samsung’s One UI 7. The two headline ones could be absent. We know that Samsung has a patchy track record when it comes to cellular network security, including its lack of a universal 2G toggle. And Google’s announcement of the live threat detection upgrade to Play Protect that is coming later this year excluded Samsung from OEMs expected to deploy first. That could be linked to its overall delay, but it could also signal something else.
The better news for Samsung users is that we now have some form of confirmation as to which Galaxy devices will get the Android 15 upgrade when it comes. SammyFans has just reported that a “Japanese carrier [has] revealed [a] shocking list of Samsung devices getting [the] Android 15 One UI 7 update… Following the Android 15 release, Japan’s AU by KDDI listed all eligible devices for the update.”
The extensive list broadly tallies with expectations that have already been published, and includes the following 21 devices:
- Galaxy S21
- Galaxy S21+
- Galaxy Z Fold3
- Galaxy Z Flip3
- Galaxy S22
- Galaxy S22 Ultra
- Galaxy A53
- Galaxy Z Fold4
- Galaxy Z Flip4
- Galaxy S23
- Galaxy s23 Ultra
- Galaxy A54
- Galaxy Tab S9 FE+
- Galaxy Z Fold5
- Galaxy Z Flip5
- Galaxy S23 FE
- Galaxy S24
- Galaxy S24 Ultra
- Galaxy A55
- Galaxy Z Fold6
- Galaxy Z Flip6
Read the full article here