Android Security Best Practices

This topic contains best practices for device manufacturers to ship secure devices to all Android users. The collected best practices cover:

  • Organizational and operational security—Creating strong security practices in your team and organization.
  • System security—Reviewing and improving core operating system and device security.
  • Application security—Reviewing and improving the security of apps on the device.
  • Network security—Reviewing and improving the security of network communications from the device.
  • Hardware security—Reviewing hardware choices to improve device security.
  • Privacy—Enabling user control over the handling of their data.

Many recommendations in this section are also detailed in the Android Compatibility Definition Document (CDD). In many instances, these recommendations are detected through tools, such as the Android Compatibility Test Suite (CTS).