Google is introducing a feature called Intrusion Logging within Android's Advanced Protection settings, aimed at enhancing security through detailed activity logs. This feature was discovered in Google Play Services code and represents a development in Google's intrusion-detection mechanisms.
Functionality and Control
Intrusion Logging records encrypted logs of device activities, including connections, app installs, and browsing data. Users have the option to disable this feature; however, if enabled, suspicious activity triggers assistance from a 'trusted expert'. Access to these logs requires a user’s Google account and lockscreen credentials.
Data Management and Security
The logs are securely stored on Google's cloud servers for a 12-month period and cannot be manually deleted. They are set to auto-delete after the retention period lapses, ensuring user data privacy over time. The logs are reportedly only available to the user, emphasizing security.
Release Timeline and Expectations
While the feature's full rollout date is unspecified, it is likely that Intrusion Logging will debut with an upcoming Android 16 QPR update following the recent Beta 2 release for Pixel devices. This addition aligns with Android's aim to fortify users against potential security threats.
