Mishaal Rahman / Android Authority
TL;DR
- Google is testing a feature for Advanced Protection Mode that restricts apps that use the AccessibilityService API unless they are classified as accessibility tools.
- When enabled, the system will prevent users from granting these permissions and will automatically revoke them from already installed apps.
- This change, spotted in Android Canary, aims to protect high-risk individuals from apps that might misuse screen-reading, gesture, or other capabilities granted through the AccessibilityService API.
With Android 16, Google introduced Advanced Protection Mode, a one-click security mode that enables all of Android’s highest security features to safeguard high-risk individuals against online attacks, harmful apps, and data risks. When toggled on, various security features across the OS, such as Intrusion Logging, USB Protection, and Android Safe Browsing, are enabled with a single click. We’ve now spotted Google working to add restrictions related to Accessibility services to Advanced Protection Mode.
Accessibility Service API and its potential for misuse
Over the past decade, many Android apps have used (and misused) the AccessibilityService API to work around various system limitations and issues, beyond just assisting users with disabilities. Over the years, Google has hardened its policies to prevent apps from abusing the API to provide workarounds, citing security risks as abusive apps with accessibility permissions could read screen content and perform gestures on behalf of the user. One such move is identifying apps that serve as Accessibility Tools and others that do not.
Apps designed to assist users with disabilities must declare the isAccessibilityTool attribute in the service’s metadata file. These apps, which are classified as an Accessibility Tool, can include:
- Screen readers that support people with visual impairments.
- Switch-based input systems that support people with motor impairments.
- Voice-based input systems that support people with motor impairments.
- Braille-based access systems that support people with both visual and hearing impairments.
- Tools supporting other users with disabilities, such as cognitive impairments or multiple disabilities.
Apps that are not classified as Accessibility Tools can include automation tools and assistants, monitoring apps, antivirus and system cleaner apps, and even launcher apps. Many apps in these categories often use the AccessibilityService API to work around system limitations.
For example, dynamicSpot is an app that emulates Dynamic Island behavior on Android phones. To read notification content from other apps and display pop-up notifications on top of other apps, dynamicSpot uses the Accessibility Services API. The end goal here is customization, but you can see how there’s plenty of scope for misuse here that might unnerve security-conscious users.
Don’t want to miss the best from Android Authority?
Advanced Protection Mode can now prevent misuse of Accessibility Service API
In the latest Android Canary 2602 release, Android’s Advanced Protection Mode can now target apps that use the Accessibility Service API but aren’t classified as Accessibility Tools, disabling their use of the Accessibility Service API as part of its one-click hardening solution.
When Advanced Protection Mode is disabled on this Android Canary release, users can grant accessibility service permissions to any app. When Advanced Protection Mode is turned on, not only does the Android system prevent users from granting Accessibility Services permission to non-Accessibility Tools, but it also goes ahead and revokes the permission if it was already granted.
In the first screenshot, Advanced Protection Mode is disabled, letting the user grant permissions to the dynamicSpot app. With Advanced Protection Mode enabled, dynamicSpot is grayed out, as seen in the second screenshot. Tapping on the grayed-out app reveals that it has been “Restricted by Advanced Protection.” If the app heavily depends on the Accessibility Service API for its functioning, it will no longer function.
Apps that are classified as Accessibility Tools will not be affected by this Advanced Protection Mode behavior.
With this change, Android is essentially treating non-Accessibility Tools as “incompatible” with a secure environment. Overall, this is a great change that aligns with Advanced Protection Mode’s core values and purpose. Users trade convenience and functionality for greater security, but it’s a fair trade for those who need such strong protection.
Google hasn’t yet detailed or officially announced this change. This change is already live in Android Canary, so there’s a chance it could roll out with Android 17‘s stable release to all users.
⚠️ An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.
Thank you for being part of our community. Read our Comment Policy before posting.
