Join gaming leaders, alongside GamesBeat and Facebook Gaming, for their 2nd Annual GamesBeat & Facebook Gaming Summit | GamesBeat: Into the Metaverse 2 this upcoming January 25-27, 2022. Learn more about the event. 


Google has announced that 80% of Android apps now encrypt all traffic by default, thanks to the increased uptake of transport layer security (TLS).

TLS is a cryptographic protocol used by all HTTPS domains to secure traffic over a network. Since the launch of Android 7 back in 2016, Google has allowed developers to configure their network security settings without changing the app’s code, enabling them to opt out of supporting cleartext traffic — that is, unencrypted traffic such as that supported by HTTP — which is susceptible to compromises.

With the launch of Android 9 (Pie) last year, however, Google enforced a new policy for all apps targeting that specific version of Android (API level 28) or higher so that they would default to HTTPS connections. Developers can still manually opt into cleartext for specific domains.

Google said that as a result of these changes, 90% of all apps targeting Android 9 or higher encrypt all traffic by default, though this figure drops to 80% when factoring in all Android apps.

Above: Percentage of Android apps blocking cleartext traffic by default

Google enforces API level requirements for all Android apps each year. For 2019, all new apps have been required to support Android 9 and above, starting August 1. For updates to existing apps on Google Play, this same policy applied from November 1.

In effect, this means all apps that are being actively updated will be forced to block cleartext traffic by default unless the developer creates specific opt-outs. All other apps can still exist on Google Play unaffected. Many apps only receive updates on a sporadic basis, but when a developer decides it’s time to give their app a fresh coat of paint, they will at that point have to support only encrypted traffic by default. In other words, the 80% figure touted by Google today will likely only increase.

VentureBeat

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member