Pietro F. Maggi, profile picture
Uploaded byPietro F. Maggi
PPTX, PDF959 views

Whats different in android L, M, N and O

The document discusses the evolution of Android from versions Lollipop to 'O', highlighting notable changes in notifications, permissions, and power management. Key features like dynamic runtime permissions, Doze mode for battery saving, and enterprise support are emphasized across the different Android versions. The information is particularly relevant for developers working with enterprise Android applications and managing device access and security.

Embed presentation

Download to read offline
EUROPE
Developer Session What’s Different in Android L, M, N, O Darryn Campbell & Pietro Maggi Software Experts
• Android Trends & Trajectory • Android Lollipop • Android Marshmallow • Android Nougat • Android ‘O’ Agenda What’s Different in Android L, M, N, O
COMMON PATTERNS
There are some interesting patterns emerging as Android evolves: • Notifications have undergone major (or at least noteworthy) changes in every release from KitKat to ‘O’. • Notifications feature heavily in enterprise use cases it becomes increasingly complex to lock down what the user is able to control • Pushes towards power saving, taking flexibility away from developers with consumer end user battery life in mind • Locking down your device becomes increasingly complex. • E.g. More system apps to prohibit Common Patterns & Trajectory Controlling device access
ANDROID LOLLIPOP
• Introduced in API 21 • Google sample: https://github.com/googlesamples/android-JobScheduler • Helps perform background work in an efficient way, especially networking • For older devices, with GMS, GCM Network Manager provides efficient background job scheduling • https://developers.google.com/cloud-messaging/network-manager • GCMTaskService is typically simpler to manage and more difficult to mess up than JobService Note that GCMTaskService is implemented using the JobScheduler API on Lollipop and newer OS. Android Lollipop JobScheduler API
• Many enhancements to BLE between Android 4.4 and Android 5.0 • Addition of peripheral mode • Support for Beacon or iBeacon packets • Allows broadcasting of advertising packets (hardware permitting) • Improved background scanning no longer prevents the device from sleeping. • API backwardly compatible with KitKat Android Lollipop Bluetooth LE Matures
ANDROID MARSHMALLOW
• Dynamic runtime permissions • Doze mode • Bluetooth changes • Encryption & Adoptable storage • Trusted & untrusted resets • Enterprise Android: COSU support (Corporate-owned single-use) Android Marshmallow Behaviour changes affecting Enterprise
Targeting API 23+ If you target API level 23+, your application is not going to have the dangerous permission granted at install time, but it needs to: • Check • Request • Fail gracefully if not permission is not granted
Targeting API 23+ When the user installs or updates the app, the system grants the app all permissions that the app requests that fall under PROTECTION_NORMAL. For example, alarm clock and internet permissions fall under PROTECTION_NORMAL, so they are automatically granted at install time. Some of the permission that are now granted automatically are: 1. GET_ACCOUNTS 2. READ_PHONE_STATE 3. READ_EXTERNAL_STORAGE 4. GET_TASKS, REORDER_TASKS, KILL_BACKGROUND_PROCESSES 5. EXPAND_STATUS_BAR
What if I’m targeting API level 22 or older? The new permission system is not enforce at install time. If the user install your application, like before, it gets all the requested permissions. BUT. If an user can go into the settings application, it can removes the permissions. Lock down the device looks like a good idea to me!
Reminder: adb install Needs -g To Auto-Grant Permissions If your app has a targetSdkVersion of 23 or higher, and you are installing the app via the command line, note that adb install has two possible behaviors: • Used normally, the app is installed without any runtime permissions granted. This mimics a normal app install, where you have to ask for the permissions at runtime. • Used with the -g switch, the app is installed with all runtime permissions pre-granted, as if the app had a targetSdkVersion below 22. This can be handy for rapid testing, though it is not indicative of what the user will see. Source: https://commonsware.com/blog/2016/03/18/reminder-adb-install-needs-auto-grant-permissions.html
It’s all about the battery! Source: https://www.bignerdranch.com/blog/diving-into-doze-mode-for-developers/
GMS and AOSP – it makes a difference Doze Mode is enabled only on GMS devices This is where you can use an High-Priority Firebase Cloud Message to wake up the device and kick an application temporarily out of Doze mode: In Doze or App Standby mode, the system delivers the message and gives the app temporary access to network services and partial wakelocks, then returns the device or app to the idle state. Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
Whitelisting an application • An app that is whitelisted can use the network and hold partial wake locks during Doze and App Standby. However, other restrictions still apply to the whitelisted app, just as they do to other apps. • An app can check whether it is currently on the exemption whitelist by calling isIgnoringBatteryOptimizations(). • Users can manually configure the whitelist in Settings > Battery > Battery Optimization. • Alternatively, the system provides ways for apps to ask users to whitelist them: • An app can fire the ACTION_IGNORE_BATTERY_OPTIMIZATION_SETTINGS intent to take the user directly to the Battery Optimization, where they can add the app. • An app holding the REQUEST_IGNORE_BATTERY_OPTIMIZATIONS permission can trigger a system dialog to let the user add the app to the whitelist directly, without going to settings. • The app fires a ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS Intent to trigger the dialog. • The user can manually remove apps from the whitelist as needed. Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
Testing for Doze Mode and App-Standby You can simulate Doze mode using adb while your application is running: $ adb shell dumpsys deviceidle force-idle You can simulate App-Standby using adb while your application is running: Force the app into App Standby mode by running the following commands: $ adb shell dumpsys battery unplug $ adb shell am set-inactive <packageName> true Simulate waking your app using the following commands: $ adb shell am set-inactive <packageName> false $ adb shell am get-inactive <packageName> Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
Two modes: 1. Full Storage Card Encryption Mode • Matches what Adoptable Storage is with the same limitations • Can be provisioned via StageNow • Duplicates Android functionality so potential for future deprecation 2. Folder Encryption Mode • Supports encryption in /data and on the Storage Card • Allows a common encrypted implementation in common with non-Marshmallow devices in your deployment Android Marshmallow Encryption & Adoptable storage – Interaction with Encrypt Manager
Android Marshmallow Encryption & Adoptable storage Reset Action Emulated storage cards Physical storage cards Adopted storage cards Enterprise partition Reboot Retained Retained Retained Retained Full Device Wipe Wiped Wiped Wiped Wiped Factory Reset Wiped Retained Wiped Wiped Enterprise Reset Wiped Retained Wiped Retained
• Designed to reduce the value of stolen (consumer) devices • Trusted factory resets: • Do NOT mandate reentry any previously associated Google creds • Invoked from device settings UI • Untrusted factory resets: • GMS Only • DO mandate reentry of any previously associated Google creds • Factory resets invoked from MX Power manager • Factory reset packages available from Zebra support • Note: If you forget your previously associated Google creds contact Zebra support Android Marshmallow Trusted & untrusted factory resets
• Applications and services have to call scanner disable when device is suspending [e.g. onPause/onDestroy callback]. • On Lollipop (Android v5.x) or KitKat (Android v4.4) devices we don't have imager standby mode supported, in this mode imager would consume lowest power, with TC51/TC56/TC70x/TC75x, using Marshmallow (Android 6.0), this was a requirement to have lowest power on suspend. • With this mode, imager loses all it's configurations which is done in enable, hence user needs to recall enable again, however after disabling scanner, otherwise scan framework will not accept another enable due to state machine. Android Marshmallow Imager goes into standby mode when devices goes into suspend.
• Android for Work started with 5.0 (lollipop). Announced at Google I/O 2014 • Initially targeted BYOD (Bring your own device) use cases • Separation of ‘Work’ mode from personal applications • ‘Work profile’ owned by a “Profile Owner” which would be a device policy controller (DPC) • Enhancements for COPE (Corporate owned, personally enabled) • Expectation that device or profile will owned by a DPC • DPC is acting as device owner (DO) or profile owner (PO) • Enhancements for COSU (Corporate owned, single use) [6.0+] • Expectation that these devices will only have a device owner (DO) • Typical Zebra device use cases • Non-Zebra single use Android devices could be a payment terminal or airport check-in. • DO provisioning via NFC prioritized by Google (also possible via adb) Android Marshmallow Android in the Enterprise: Recap
• COSU support (Corporate Owned – Single Use) • Managed configurations via bundle data types • Lock Task Mode in additional to lollipop’s consumer oriented ‘Pinning’ DEMOS Android Marshmallow Android in the Enterprise: COSU support in Marshmallow
Android Marshmallow Managed Configurations
Android Marshmallow Lock Task Mode
ANDROID NOUGAT
• Multi-Window Support • Notification Enhancements • Doze on the Go • Data Saver • Tile API • Number Blocking • New Emojis  Android Nougat (7.0) Behaviour changes affecting Enterprise • WebView enhancements, now using Chrome (on GMS) • Enterprise updates (incremental) • Hardware back keystore
• App Shortcuts • Image Keyboard Support • “Professional” Emoji    • Storage Manager Intent Android Nougat (7.1) Behaviour changes affecting Enterprise
ANDROID ‘O’
• Background execution limits • Background service limitations • Implicit broadcast reception limitations • Android background location limits • Notification enhancements for ‘Channels’ giving users more granular control of notification importance & how they should be notified. • Launcher shortcut pinning Android O PREVIEW Behaviour changes affecting Enterprise • Enterprise updates: • COMP (Corporate owned, managed profile) devices • Incremental improvements to DPC APIs (new & existing). • E.g. inter profile application communication. • Autofill Framework • Google Safe Browsing API in WebViews
Questions?
• Android M developer impact: https://developer.zebra.com/community/android/android-forums/android- blogs/blog/2017/01/20/what-s-new-for-android-m-and-the-impact-on-zebra-developers • Deploying applications on Zebra devices from JellyBean to Marshmallow & beyond: https://developer.zebra.com/community/android/android-forums/android-blogs/blog/2017/02/08/deploying-an-application-to-zebra- android-devices-ranging-from-jellybean-to-marshmallow-and-beyond • Google official docs for: • Lollipop: https://developer.android.com/about/versions/lollipop.html • Marshmallow: https://developer.android.com/about/versions/marshmallow/android-6.0-changes.html • Nougat: https://developer.android.com/about/versions/nougat/android-7.0-changes.html • O: https://developer.android.com/preview/behavior-changes.html Useful Links Android Alphabet Soup
Please take a moment to rate this session using the APPFORUM mobile app. THANK YOU
• Bullet text Content Slide Title Goes Here Sub title goes here
What are your options: 1. Continue to target API 22 (Lollipop) 2. Implement Google’s runtime model 3. Use an MX AppManager profile to install the application 4. Use an EMM that supports managed Android devices Android Marshmallow Dynamic runtime permissions

More Related Content

PPTX
Android Security
byArqum Ahmad
 
PPTX
Android security
byMidhun P Gopi
 
PDF
Introduction to Android Development and Security
byKelwin Yang
 
PPTX
Android sandbox
byAnusha Chavan
 
PDF
Android Security
byLars Jacobs
 
PPT
Android Security
bySuminda Gunawardhana
 
PPTX
Mind the gap
byPietro F. Maggi
 
PDF
Android security - an enterprise perspective
byPietro F. Maggi
 
Android Security
byArqum Ahmad
 
Android security
byMidhun P Gopi
 
Introduction to Android Development and Security
byKelwin Yang
 
Android sandbox
byAnusha Chavan
 
Android Security
byLars Jacobs
 
Android Security
bySuminda Gunawardhana
 
Mind the gap
byPietro F. Maggi
 
Android security - an enterprise perspective
byPietro F. Maggi
 

What's hot

PPTX
Pentesting Android Applications
byCláudio André
 
PDF
Deep Dive Into Android Security
byMarakana Inc.
 
PPTX
Android security
byMobile Rtpl
 
PDF
Android Security
byMehrnaz Amoon
 
PPTX
Mobile application security
byShubhneet Goel
 
PPT
Analysis and research of system security based on android
byRavishankar Kumar
 
PPTX
Android Device Hardening
byanupriti
 
PDF
Security Testing Mobile Applications
byDenim Group
 
PPTX
Permission in Android Security: Threats and solution
byTandhy Simanjuntak
 
ODP
Android security in depth
bySander Alberink
 
PPTX
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
byRapid7
 
PPTX
Understanding android security model
byPragati Rai
 
PDF
2015.04.24 Updated > Android Security Development - Part 1: App Development
byCheng-Yi Yu
 
PDF
Sperasoft talks: Android Security Threats
bySperasoft
 
PDF
Android security
byMohamed Alharbi
 
ODP
Mobile Apps Security Testing -3
byKrisshhna Daasaarii
 
PPT
Understanding Android Security
byAsanka Dilruk
 
PDF
Android Security Development
byhackstuff
 
PPT
IBM Rational AppScan Product Overview
byAshish Patel
 
PDF
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
byIdexcel Technologies
 
Pentesting Android Applications
byCláudio André
 
Deep Dive Into Android Security
byMarakana Inc.
 
Android security
byMobile Rtpl
 
Android Security
byMehrnaz Amoon
 
Mobile application security
byShubhneet Goel
 
Analysis and research of system security based on android
byRavishankar Kumar
 
Android Device Hardening
byanupriti
 
Security Testing Mobile Applications
byDenim Group
 
Permission in Android Security: Threats and solution
byTandhy Simanjuntak
 
Android security in depth
bySander Alberink
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
byRapid7
 
Understanding android security model
byPragati Rai
 
2015.04.24 Updated > Android Security Development - Part 1: App Development
byCheng-Yi Yu
 
Sperasoft talks: Android Security Threats
bySperasoft
 
Android security
byMohamed Alharbi
 
Mobile Apps Security Testing -3
byKrisshhna Daasaarii
 
Understanding Android Security
byAsanka Dilruk
 
Android Security Development
byhackstuff
 
IBM Rational AppScan Product Overview
byAshish Patel
 
Mobile Application Security Testing, Testing for Mobility App | www.idexcel.com
byIdexcel Technologies
 

Similar to Whats different in android L, M, N and O

PPTX
Android ch2..pptx
bymohamedMoktarMohamed
 
PPT
android marshmallow
byChaitanya Ram
 
PDF
Infoworld deep dive - Mobile Security2015 updated
byKim Jensen
 
PPTX
Android Best Practises
byRamesh Akula
 
PPTX
Marshmallow
byshubham kanojia
 
PPTX
Nougat 7.0 seminar
byVen Esh
 
PPTX
New features in android m upload
byBin Yang
 
PPTX
Google IO 2015 - Devbytes
byVishal Nayak
 
PPTX
A journey through android development
byraditya gumay
 
PPTX
What's new in android M(6.0)
byYonatan Levin
 
PDF
Introduction to Android M
byamsanjeev
 
PPTX
GDG Devfest 2016 session on Android N
byImam Raza
 
PPTX
Android M, N preview
byFady Emad
 
PPTX
What's new in android jakarta gdg (2015-08-26)
byGoogle
 
PPTX
android marshmallow- latest android application version
byJAI SHANKER
 
PDF
CodeMotion tel aviv 2015 - burning marshmallows
byRon Munitz
 
ODP
Android
byMohammed Aswat
 
PPTX
Prasad ppt
byPrasad Deshmukh
 
PDF
Android M Pre-Release Briefing
byThe App Business
 
PDF
What is new in Android M
byErik Hellman
 
Android ch2..pptx
bymohamedMoktarMohamed
 
android marshmallow
byChaitanya Ram
 
Infoworld deep dive - Mobile Security2015 updated
byKim Jensen
 
Android Best Practises
byRamesh Akula
 
Marshmallow
byshubham kanojia
 
Nougat 7.0 seminar
byVen Esh
 
New features in android m upload
byBin Yang
 
Google IO 2015 - Devbytes
byVishal Nayak
 
A journey through android development
byraditya gumay
 
What's new in android M(6.0)
byYonatan Levin
 
Introduction to Android M
byamsanjeev
 
GDG Devfest 2016 session on Android N
byImam Raza
 
Android M, N preview
byFady Emad
 
What's new in android jakarta gdg (2015-08-26)
byGoogle
 
android marshmallow- latest android application version
byJAI SHANKER
 
CodeMotion tel aviv 2015 - burning marshmallows
byRon Munitz
 
Android
byMohammed Aswat
 
Prasad ppt
byPrasad Deshmukh
 
Android M Pre-Release Briefing
byThe App Business
 
What is new in Android M
byErik Hellman
 

Recently uploaded

PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 

Whats different in android L, M, N and O

  • 1.
  • 2.
    Developer Session What’s Differentin Android L, M, N, O Darryn Campbell & Pietro Maggi Software Experts
  • 3.
    • Android Trends& Trajectory • Android Lollipop • Android Marshmallow • Android Nougat • Android ‘O’ Agenda What’s Different in Android L, M, N, O
  • 4.
  • 5.
    There are someinteresting patterns emerging as Android evolves: • Notifications have undergone major (or at least noteworthy) changes in every release from KitKat to ‘O’. • Notifications feature heavily in enterprise use cases it becomes increasingly complex to lock down what the user is able to control • Pushes towards power saving, taking flexibility away from developers with consumer end user battery life in mind • Locking down your device becomes increasingly complex. • E.g. More system apps to prohibit Common Patterns & Trajectory Controlling device access
  • 6.
  • 7.
    • Introduced inAPI 21 • Google sample: https://github.com/googlesamples/android-JobScheduler • Helps perform background work in an efficient way, especially networking • For older devices, with GMS, GCM Network Manager provides efficient background job scheduling • https://developers.google.com/cloud-messaging/network-manager • GCMTaskService is typically simpler to manage and more difficult to mess up than JobService Note that GCMTaskService is implemented using the JobScheduler API on Lollipop and newer OS. Android Lollipop JobScheduler API
  • 8.
    • Many enhancementsto BLE between Android 4.4 and Android 5.0 • Addition of peripheral mode • Support for Beacon or iBeacon packets • Allows broadcasting of advertising packets (hardware permitting) • Improved background scanning no longer prevents the device from sleeping. • API backwardly compatible with KitKat Android Lollipop Bluetooth LE Matures
  • 9.
  • 10.
    • Dynamic runtimepermissions • Doze mode • Bluetooth changes • Encryption & Adoptable storage • Trusted & untrusted resets • Enterprise Android: COSU support (Corporate-owned single-use) Android Marshmallow Behaviour changes affecting Enterprise
  • 11.
    Targeting API 23+ Ifyou target API level 23+, your application is not going to have the dangerous permission granted at install time, but it needs to: • Check • Request • Fail gracefully if not permission is not granted
  • 12.
    Targeting API 23+ Whenthe user installs or updates the app, the system grants the app all permissions that the app requests that fall under PROTECTION_NORMAL. For example, alarm clock and internet permissions fall under PROTECTION_NORMAL, so they are automatically granted at install time. Some of the permission that are now granted automatically are: 1. GET_ACCOUNTS 2. READ_PHONE_STATE 3. READ_EXTERNAL_STORAGE 4. GET_TASKS, REORDER_TASKS, KILL_BACKGROUND_PROCESSES 5. EXPAND_STATUS_BAR
  • 13.
    What if I’mtargeting API level 22 or older? The new permission system is not enforce at install time. If the user install your application, like before, it gets all the requested permissions. BUT. If an user can go into the settings application, it can removes the permissions. Lock down the device looks like a good idea to me!
  • 14.
    Reminder: adb installNeeds -g To Auto-Grant Permissions If your app has a targetSdkVersion of 23 or higher, and you are installing the app via the command line, note that adb install has two possible behaviors: • Used normally, the app is installed without any runtime permissions granted. This mimics a normal app install, where you have to ask for the permissions at runtime. • Used with the -g switch, the app is installed with all runtime permissions pre-granted, as if the app had a targetSdkVersion below 22. This can be handy for rapid testing, though it is not indicative of what the user will see. Source: https://commonsware.com/blog/2016/03/18/reminder-adb-install-needs-auto-grant-permissions.html
  • 15.
    It’s all aboutthe battery! Source: https://www.bignerdranch.com/blog/diving-into-doze-mode-for-developers/
  • 16.
    GMS and AOSP– it makes a difference Doze Mode is enabled only on GMS devices This is where you can use an High-Priority Firebase Cloud Message to wake up the device and kick an application temporarily out of Doze mode: In Doze or App Standby mode, the system delivers the message and gives the app temporary access to network services and partial wakelocks, then returns the device or app to the idle state. Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
  • 17.
    Whitelisting an application •An app that is whitelisted can use the network and hold partial wake locks during Doze and App Standby. However, other restrictions still apply to the whitelisted app, just as they do to other apps. • An app can check whether it is currently on the exemption whitelist by calling isIgnoringBatteryOptimizations(). • Users can manually configure the whitelist in Settings > Battery > Battery Optimization. • Alternatively, the system provides ways for apps to ask users to whitelist them: • An app can fire the ACTION_IGNORE_BATTERY_OPTIMIZATION_SETTINGS intent to take the user directly to the Battery Optimization, where they can add the app. • An app holding the REQUEST_IGNORE_BATTERY_OPTIMIZATIONS permission can trigger a system dialog to let the user add the app to the whitelist directly, without going to settings. • The app fires a ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS Intent to trigger the dialog. • The user can manually remove apps from the whitelist as needed. Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
  • 18.
    Testing for DozeMode and App-Standby You can simulate Doze mode using adb while your application is running: $ adb shell dumpsys deviceidle force-idle You can simulate App-Standby using adb while your application is running: Force the app into App Standby mode by running the following commands: $ adb shell dumpsys battery unplug $ adb shell am set-inactive <packageName> true Simulate waking your app using the following commands: $ adb shell am set-inactive <packageName> false $ adb shell am get-inactive <packageName> Source: https://developer.android.com/training/monitoring-device-state/doze-standby.html
  • 19.
    Two modes: 1. FullStorage Card Encryption Mode • Matches what Adoptable Storage is with the same limitations • Can be provisioned via StageNow • Duplicates Android functionality so potential for future deprecation 2. Folder Encryption Mode • Supports encryption in /data and on the Storage Card • Allows a common encrypted implementation in common with non-Marshmallow devices in your deployment Android Marshmallow Encryption & Adoptable storage – Interaction with Encrypt Manager
  • 20.
    Android Marshmallow Encryption &Adoptable storage Reset Action Emulated storage cards Physical storage cards Adopted storage cards Enterprise partition Reboot Retained Retained Retained Retained Full Device Wipe Wiped Wiped Wiped Wiped Factory Reset Wiped Retained Wiped Wiped Enterprise Reset Wiped Retained Wiped Retained
  • 21.
    • Designed toreduce the value of stolen (consumer) devices • Trusted factory resets: • Do NOT mandate reentry any previously associated Google creds • Invoked from device settings UI • Untrusted factory resets: • GMS Only • DO mandate reentry of any previously associated Google creds • Factory resets invoked from MX Power manager • Factory reset packages available from Zebra support • Note: If you forget your previously associated Google creds contact Zebra support Android Marshmallow Trusted & untrusted factory resets
  • 22.
    • Applications andservices have to call scanner disable when device is suspending [e.g. onPause/onDestroy callback]. • On Lollipop (Android v5.x) or KitKat (Android v4.4) devices we don't have imager standby mode supported, in this mode imager would consume lowest power, with TC51/TC56/TC70x/TC75x, using Marshmallow (Android 6.0), this was a requirement to have lowest power on suspend. • With this mode, imager loses all it's configurations which is done in enable, hence user needs to recall enable again, however after disabling scanner, otherwise scan framework will not accept another enable due to state machine. Android Marshmallow Imager goes into standby mode when devices goes into suspend.
  • 23.
    • Android forWork started with 5.0 (lollipop). Announced at Google I/O 2014 • Initially targeted BYOD (Bring your own device) use cases • Separation of ‘Work’ mode from personal applications • ‘Work profile’ owned by a “Profile Owner” which would be a device policy controller (DPC) • Enhancements for COPE (Corporate owned, personally enabled) • Expectation that device or profile will owned by a DPC • DPC is acting as device owner (DO) or profile owner (PO) • Enhancements for COSU (Corporate owned, single use) [6.0+] • Expectation that these devices will only have a device owner (DO) • Typical Zebra device use cases • Non-Zebra single use Android devices could be a payment terminal or airport check-in. • DO provisioning via NFC prioritized by Google (also possible via adb) Android Marshmallow Android in the Enterprise: Recap
  • 24.
    • COSU support(Corporate Owned – Single Use) • Managed configurations via bundle data types • Lock Task Mode in additional to lollipop’s consumer oriented ‘Pinning’ DEMOS Android Marshmallow Android in the Enterprise: COSU support in Marshmallow
  • 25.
  • 26.
  • 27.
  • 28.
    • Multi-Window Support •Notification Enhancements • Doze on the Go • Data Saver • Tile API • Number Blocking • New Emojis  Android Nougat (7.0) Behaviour changes affecting Enterprise • WebView enhancements, now using Chrome (on GMS) • Enterprise updates (incremental) • Hardware back keystore
  • 29.
    • App Shortcuts •Image Keyboard Support • “Professional” Emoji    • Storage Manager Intent Android Nougat (7.1) Behaviour changes affecting Enterprise
  • 30.
  • 31.
    • Background executionlimits • Background service limitations • Implicit broadcast reception limitations • Android background location limits • Notification enhancements for ‘Channels’ giving users more granular control of notification importance & how they should be notified. • Launcher shortcut pinning Android O PREVIEW Behaviour changes affecting Enterprise • Enterprise updates: • COMP (Corporate owned, managed profile) devices • Incremental improvements to DPC APIs (new & existing). • E.g. inter profile application communication. • Autofill Framework • Google Safe Browsing API in WebViews
  • 32.
  • 33.
    • Android Mdeveloper impact: https://developer.zebra.com/community/android/android-forums/android- blogs/blog/2017/01/20/what-s-new-for-android-m-and-the-impact-on-zebra-developers • Deploying applications on Zebra devices from JellyBean to Marshmallow & beyond: https://developer.zebra.com/community/android/android-forums/android-blogs/blog/2017/02/08/deploying-an-application-to-zebra- android-devices-ranging-from-jellybean-to-marshmallow-and-beyond • Google official docs for: • Lollipop: https://developer.android.com/about/versions/lollipop.html • Marshmallow: https://developer.android.com/about/versions/marshmallow/android-6.0-changes.html • Nougat: https://developer.android.com/about/versions/nougat/android-7.0-changes.html • O: https://developer.android.com/preview/behavior-changes.html Useful Links Android Alphabet Soup
  • 34.
    Please take amoment to rate this session using the APPFORUM mobile app. THANK YOU
  • 35.
    • Bullet text ContentSlide Title Goes Here Sub title goes here
  • 36.
    What are youroptions: 1. Continue to target API 22 (Lollipop) 2. Implement Google’s runtime model 3. Use an MX AppManager profile to install the application 4. Use an EMM that supports managed Android devices Android Marshmallow Dynamic runtime permissions

Editor's Notes

  • #6 Background services, location services, doze mode, enhanced doze mode Notifications: material design, long press in M, reply in line in N, channels in O
  • #20 Interaction with Encrypt Manager – Adoptable Storage http://techdocs.zebra.com/emdk-for-android/6-0/mx/encryptmgr/ Note: Encryption Manager will not be aware that an adopted SD card is encrypted, the two are mutually exclusive.
  • #29 Still in the process of defining what Zebra are doing for Android N: Multi-Window. How to provision? Use cases include drag & drop. More for tablet form factors. Notification enhancements are reply inline, custom views and bundling notifications together. Consider using 3rd party messaging apps like Whats-app in an enterprise deployment of GMS devices, you get these features for ‘free’ automatically. 1st party apps (Gmail) obviously also support notification bundling Doze on the Go. More aggressive doze can now block network access & syncs / jobs even if the device is moving Data Saver blocks data for apps in the background & foreground apps may use less frequently. Could impact field workers or anybody on a data plan. Consider provisioning your app to have unrestricted data access (by default play services have unrestricted access) Tile API. Two considerations: 1. How control users from moving tiles around? 2. You can define our own quick settings tiles which could greatly increase productivity depending on the use case. Do you want to restrict access to specific tiles? The API is ADD tiles only. Note: Quick settings are urgently required or frequently used actions, NOT shortcuts to launching an application. Number Blocking. Strong Enterprise Use case but currently apps have NO access to the blocked number list. Enterprise use cases include whitelisting, blacklisting incoming & outgoing calls. Similar features may appear on Zebra hardware. Additional functionality through carrier integration (server-side blocking) prevents forwarding. Call Screening also has enterprise use cases, you might not want to show notifications under some conditions (e.g. during customer interaction). Emojis are not supported by the Enterprise Keyboard: https://www.zebra.com/gb/en/products/software/mobile-computers/enterprise-keyboard.html Starting with Chrome version 51 on Android 7.0 and above, the Chrome APK on your device is used to provide and render Android System WebViews. Great for receiving security updates and maintaining parity with the Chrome apk Only available on GMS devices. Non-GMS devices will fall behind. You will see a difference in rendering between the same EB app on two devices (one GMS, one non-GMS) Can chose your webview provider on GMS, at least for now but that is a developer option and likely could not provision. Webview APK, Dev Chrome, Beta Chrome, Stable Chrome. Continued enterprise Android updates (always on VPN, corporate colours during provisioning) Key Attestation with hardware backed keys allows your to have greater confidence that the device in use has not been compromised and enables greater protection of your data at rest https://developer.android.com/about/versions/nougat/android-7.0.html
  • #30 Still in the process of defining what Zebra are doing for Android N: New App shortcut paradigm. Unsure of EHS support for new App shortcuts? Image Keyboard support & Professional emoji. Again, Enterprise Keyboard is more suited for Enterprise. Storage Manager Intent: Apps can now fire an ACTION_MANAGE_STORAGE intent, taking the user to the system's Free up space screen. For example, if an app requires more space than is currently available, it can use this intent to let the user delete unneeded apps and content to free up sufficient space. Will want to find a way to block this. https://developer.android.com/about/versions/nougat/android-7.1.html
  • #32 Migration guide for Background SERVICE execution limits: https://developer.android.com/preview/features/background.html (target API level 25 or below, Use JobScheduler API, foreground service, FCM to wake the application, defer work). Whitelist exists but not user editable – whitelisted for a few minutes for PendingIntents, receiving intents or FCM. Android background location limits affect Fused and non-fused providers. Geofencing still works. Mitigation: bring your app to the foreground, use a foreground service, use a passive location listener. Background apps have location computed a few times each hour. Launcher shortcut pinning requires user to acknowledge. Could lead to quicker access to an app or functionality. Must be supported by the home screen. Autofill framework: could be used in conjunction with managed configurations to help pre-populate fields with existing applications.
  • #37 Recommendation: A combination of 2 and 3 to debug and deploy respectively. Lock down the app permissions dialog.