Google has unveiled a new feature called “Restoration of the Consciousness” (Restore Credentials), designed to help users securely regain access to accounts in third-party applications after purchasing a new smartphone running on Android. This feature will be integrated into the API Credential Manager, making it easier for users to log into applications after transferring data and setting up their new device.
This function enables automatic login to applications on a new device without the need to re-enter login credentials. The process takes place in the background during data restoration, with a key component being the recovery key – a public key compliant with FIDO2 standards.
When a user logs into an application that supports this feature, the recovery key is securely stored in an encrypted form in the Credential Manager. Users also have the option to upload the key to the cloud for additional backup. Upon restoring applications on a new device, the keys are automatically requested, allowing for instant access to the account.
Developers of applications can generate a recovery key after the user successfully authorizes, either immediately after login or during a check of the existing key. However, Google advises users to delete the key when logging out to prevent unauthorized automatic access.
Apple has already implemented a similar function in iOS, utilizing it to manage data access using the KSecAttrAccessible attribute. This technology enables users to limit data access on a new device if the keys are specific to the original device.
The introduction of this new feature coincided with the release of the first version of Android android 16 for developers. This update includes a revamped privacy panel that allows users to monitor access to sensitive permissions over the previous seven days, along with improvements to the Privacy Sandbox system.
Furthermore, Google has recently introduced the updated Android Security Paper, detailing the built-in security mechanisms of the mobile OS, such as anti-theft measures, lockdown mode, and private space. These features aim to enhance the safety and privacy of Android users.