Adamya Sharma / Android Authority
TL;DR
- We were able to get our first look at Android’s upcoming Intrusion Logging feature.
- It records security incidents and logs key activities that could be linked to data breaches.
- The feature is designed to help users who deal with sensitive data, such as journalists, government officials, or business owners.
Android typically gets bashed for being less secure than iOS, which can often influence those who deal wth sensitive data to choose an iPhone instead. To clear itself of this reputation, Google announced Intrusion Detection last year as a feature that helps users track whether their private data was exposed to hackers or whether their device was compromised. Despite being announced before Android 16’s launch, the feature has yet to roll out to users. But we have our first look at Android’s Intrusion Logging features, along with some information about how it could work.
Intrusion Logging records activity on your device, so it can be referenced in the event of a security incident. These logs are encrypted and stored in the cloud so they can only be accessed by you or an account you trust.
We’re looking at the interface for Android’s Intrusion Logging functionality for the first time, along with how to activate it. While it’s not live for users just yet, we were able to dredge up details by reverse-engineering version 26.02.31 of Google Play Services.
Foremost, we’re looking at the UI itself, where the Intrusion Logging option appears at the bottom of the Advanced Protection menu in Settings. Every time you set up Device Protection, you will see the option to enable Intrusion Logging, though you can skip the step.
The introduction screen also shows a description of the Intrusion Logging feature, reminding you that the activity logs from your device are end-to-end encrypted while being stored in the cloud. The description screen also reveals the type of data that is backed up, aligning with the strings we had spotted back in May last year. Essentially, this includes information about device connections, app installs, time when your screen was unlocked, browsing history, and some other data.
Don’t want to miss the best from Android Authority?
At the same time, we are also seeing new information, including that logs are automatically deleted 12 months after upload.
Once the feature is set up, the interface also lets you download logs locally if you suspect your device’s security may have been compromised.
As we noted above, the feature hasn’t gone live yet. Since it was announced several months ago and was believed to be released as part of Android, we expect it to arrive with the stable release of Android 16 QPR3, though that’s not guaranteed.
⚠️ An APK teardown helps predict features that may arrive on a service in the future based on work-in-progress code. However, it is possible that such predicted features may not make it to a public release.
Thank you for being part of our community. Read our Comment Policy before posting.
