
Mastering Android privacy & security introduces core concepts across platforms, with a focus on Android topics like permissions, location, and Privacy Sandbox, including cryptography, secure storage, authentication, and authorization.
Learn about the Android manifest, normal versus runtime permissions, and how max SDK version affects storage permission. See a demo of requesting camera permission, handling denial, and degrading gracefully.
Explore runtime location permissions, request foreground first, handle approximate versus precise location on Android 12, and request both permissions in a single request to upgrade to precise and background access.
Explore how apps should handle data in a privacy-friendly way, building on permissions and location privacy to design data access that protects user privacy.
Compare accounts, SIM status, subscriptions, and advertising identifiers, and distinguish app set ID from Firebase ID for crash, performance, cross-device installs, abuse detection, and per-device state.
Audit private user data access with a practical demo, discuss data safety and data collection and sharing guidelines, and explore privacy-facing UI elements added in Android 12.
Update the data safety section in the Google Play Console to declare data types such as approximate location, personal info, photos, and crash/diagnostics data, and explain collection and processing.
Android 12 introduces three privacy user interface elements to inform users and control access to sensitive resources, including the privacy dashboard, status bar indicators, and quick settings toggles.
Explore how the Android 12 privacy dashboard shows permissions usage, including location, camera, and microphone, with a timeline, data access rationale, attribution tags, and indicators that reveal usage.
Discover how the Privacy Sandbox enforces a secure app sandbox with process isolation for runtime-enabled SDKs, introducing privacy-preserving APIs and a separate SDK distribution model.
Explore how Android permissions guard access to system resources, from hidden and signature-protected APIs to runtime requests and a per-app privacy dashboard.
Explore how Android IPC uses Binder and Messenger with RPC over a Linux driver to enable secure inter-process communication, protected by manifest permissions and explicit intents.
Explore hardware-backed security in Android, including the trusted execution environment and secure element. Learn how Android Keystore enables authentication via PIN, pattern, or biometrics and supports DRM and identity credentials.
Highlight secure elements as hardware-backed storage with their own CPU and tamper-resistant components. Discuss StrongBox Keymaster, key attestation, and Android Ready SE for hardware-backed cryptographic keys.
Explore symmetric cryptography by examining confusion and diffusion, the avalanche effect, and how DES and AES use substitution, transposition, and permutation with stream and block ciphers.
Explain cipher block chaining (CBC) as a block mode where each block depends on the previous ciphertext and an initialization vector, providing confidentiality and authentication, though it sacrifices speed.
Apply counter mode (CTR) for AES encryption and IP security, using a counter input to XOR with plaintext, enabling parallelized computation, real-time processing, and pre-processing while keeping counters in sync.
Explore how the Data Encryption Standard encrypts a 64-bit plaintext with a 64-bit key through 16 rounds of a Feistel structure, subkey generation, and the mangler, S-boxes, and permutations.
Demonstrates the Data Encryption Standard on Android, showing encryption and decryption using ECB, CBC, CFB, OFB, and CTR modes with PKCS5 padding and initialization vector handling.
Examine how the Data Encryption Standard can be cracked, reviewing linear cryptanalysis and differential cryptanalysis, S-box behavior, avalanche effect, and the impractical need for massive plaintext-ciphertext pairs.
Master the Advanced Encryption Standard, a 128-bit block cipher with 10–14 rounds and variable key sizes, using substitution, shift rows, and mix columns to achieve confusion and diffusion.
Gain insight into a wide spectrum of privacy and security topics in this course. Many topics, such as cryptography and authentication & authorization standards, are relevant across platforms and technologies. For Android specifically, there is a deep dive into each individual topic. This includes fundamental concepts, best practices, detailed walkthroughs, and plenty of demos taught by a Google Developer Agency Tech Lead. Stefan started developing Android apps in 2011, almost from Android's birth, and has since had to design and develop a handful of Android apps. The apps involved many privacy and security aspects, so he wants to share his experience in this course.
Privacy and security topics are often overlooked when designing and developing mobile apps because the concepts are often unclear. However, it is important to develop apps with privacy and security in mind to improve UX, data safety, and ultimately user satisfaction. Depending on the app to be developed, there may also be special privacy and security requirements. Furthermore, when you apply for a job at any of the big FAANG companies, system design questions are likely to involve privacy and security aspects. Knowing these topics in detail will help you stand out from other applicants.
More than 12 hours of on-demand video content will cover what you need to know to master privacy & security:
Learn about privacy & security concepts on Android by gaining broad knowledge, learning best practices, and following detailed walkthroughs and demos
Be well prepared for system design interviews at any of the big FAANG companies when it comes to privacy & security-related topics
Know how to improve privacy by minimizing permission requests
Approaches to ensure user data privacy: Package visibility, data storage & device IDs
Apply data access auditing and other techniques to ensure transparency & control
Deep dive into security concepts Android is built upon: From kernel security to app security
How to use the Android Keystore system for secure storage in a device's Trusted Execution Environment or Secure Element
Understand symmetric & asymmetric cryptography, and hashing: Concepts, algorithms walkthrough, demos, implementation on Android
Get insights into how to protect local data including EncryptedFile and EncryptedSharedPreferences, and secure SQL & NoSQL databases
Discussion of network security concepts: Public Key Infrastructure & TLS
Choosing the right approach to securely transmit network data on Android by using certificate pinning, certificate transparency, or the Android network security config
Overview of authentication & authorization standards like OAuth 2.0 and OpenID Connect, and how they can be applied on Android