Google cloud backups on Android Pie are encrypted with your lock screen password

Google automatically backs up a lot of essential app data and other things like call history to Google Drive. This is to ensure that switching between phones don’t become too cumbersome. However, Android Pie changes a few things with backups and how they are stored. The changes announced by Google in an online security blog reveal that the company is now implementing measures that ensure that even Google can no longer read your data. [caption id=“attachment_4851171” align=“alignnone” width=“1024”] Titan Security key illustration. Image: Google[/caption] Troy Kensinger, Technical Program Manager of Android Security and Privacy at Google writes that “devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client.” This key is based on the user’s lock screen password, which isn’t revealed to Google. That’s not all. This passcode-protected key is then encrypted to a Titan security chip on Google’s servers. “The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user’s passcode,” writes Kensinger. In short, the Titan security key will not decrypt any of your information unless it detects that you have used your passcode to request for a decryption. As noted in a report by Android Police, Google also hired a security firm, NCC Group to ensure there were no loopholes here. NCC Group did come across a few issues and they were duly fixed by Google. The only thing we are not very sure about is that which phones are actually capable of backing up data using this new method. Having Android Pie installed is definitely one of the crucial prerequisites but Google has not revealed any other requirements so far.