image
A full 80 percent of Android apps are encrypting their traffic by default, according to a Transport Layer Security (TLS) adoption update from Google. That percentage is even greater for apps targeting Android 9 and higher, with 90 percent of those encrypting traffic by default, the tech giant said on Tuesday. TLS is a cryptographic protocol standard ratified by the Internet Engineering Task Force that provides end-to-end communications security over networks by scrambling data in transit, preventing hackers from reading it, intercepting it or tampering with it. TLS can be enabled for any internet communication or online transaction, such as a connection between a mobile shopping website and a user’s mobile browser, or between a banking app and the bank’s backend servers. The security of those connections is then verified via secure TLS certificates. As of October 2019, a third (33 percent) of Android devices run Android 9 (Pie), the latest version of the operating system. That makes it the most popular Android version. According to Google, apps targeting Android 9 or higher automatically have a policy set by default that prevents unencrypted traffic for every domain; and, since November 1, all apps on Google Play must target at least Android 9. “We’re excited to see that progress encrypting mobile application data on networks is mirroring the great progress happening with websites,” said Josh Aas, executive director of the open-source Let’s Encrypt project, told Threatpost….

Source