01 Jul 2022


AT&T has some tips on how to keep your smart devices cool during the summer heat

Summer is here, and while Jared puts the finishing touches on his review of a battery-powered air conditioner, AT&T has some tips on how you can keep your precious smartphone, tablet or laptop cool so it carries on performing like it should. Much of AT&T's advice is common sense, but keeping your phone cool isn't […]

Come comment on this article: AT&T has some tips on how to keep your smart devices cool during the summer heat

Visit TalkAndroid

01 Jul 2022 6:53pm GMT

[Updated with pricing] Samsung’s rugged Galaxy XCover 6 Pro is official with 5G, a removable battery, and a 120Hz display

After yesterday's comprehensive leak (thanks @evleaks), Samsung has officially launched the Galaxy XCover 6 Pro which is a rugged smartphone built for challenging work environments that packs in a 6.6-inch 120Hz display, MIL-STD-810H durability, and a 4,500mAh removable battery. Samsung is also committing to four One UI/Android OS upgrades as well as five years of […]

Come comment on this article: [Updated with pricing] Samsung's rugged Galaxy XCover 6 Pro is official with 5G, a removable battery, and a 120Hz display

Visit TalkAndroid

01 Jul 2022 6:06pm GMT

30 Jun 2022


The upcoming OnePlus 10T may not feature the alert slider but it still looks pretty sweet

We reviewed the OnePlus 10 Pro earlier this year and thought the phone was 'a killer alternative to Samsung's Galaxy S22'. Newly leaked renders point to the OnePlus 10T sporting a refined design and possibly, the omission of the alert slider that the brand is renowned for. The images come courtesy of @OnLeaks via SmartPrix, […]

Come comment on this article: The upcoming OnePlus 10T may not feature the alert slider but it still looks pretty sweet

Visit TalkAndroid

30 Jun 2022 5:16pm GMT

Nvidia’s Shield TV Experience 9.1 is rolling out with bug fixes and enhancements in tow

Nvidia is continuing its support for Shield TV devices by rolling out the Software Experience Upgrade 9.1 that comes with a host of fixes and also some new features such as AI upscaling support for 60Hz HDR10 video (Shield Pro 2019) and the ability to wake the unit by pressing the power or Netflix button […]

Come comment on this article: Nvidia's Shield TV Experience 9.1 is rolling out with bug fixes and enhancements in tow

Visit TalkAndroid

30 Jun 2022 4:42pm GMT

Samsung Gaming Hub is rolling out with Xbox Game Pass, GeForce Now, and more

Samsung isn't messing about when it comes to supporting all the major cloud gaming services because its new Gaming Hub is rolling out to 2022 Smart TVs and Smart Monitors with access to the likes of GeForce Now, Stadia, Xbox Game Pass, and more. This means that you just need a supported Samsung Smart TV […]

Come comment on this article: Samsung Gaming Hub is rolling out with Xbox Game Pass, GeForce Now, and more

Visit TalkAndroid

30 Jun 2022 4:21pm GMT

Details on pricing and hardware leak for Nothing’s Phone (1) ahead of July 12th launch

Here we are writing about Nothing again and this time we have news on the Phone (1)'s specifications and European pricing, which almost completes the picture. Less than two weeks from the July 12th launch and with Nothing collecting non-refundable £20 deposits from would-be buyers, a separate leak has also revealed that the Phone (1) […]

Come comment on this article: Details on pricing and hardware leak for Nothing's Phone (1) ahead of July 12th launch

Visit TalkAndroid

30 Jun 2022 3:37pm GMT

29 Jun 2022


Got a Nest Doorbell and feeling patriotic? You’ll love these Independence Day-themed ringtones from Google

Independence Day is looming large on the horizon and to help celebrate the occasion, Google has released a bunch of ringtones for the Nest Doorbell to get your into the mood (at least when someone rings the doorbell). It's not the first time that Google has released themed ringtones for the Nest Doorbell, but the […]

Come comment on this article: Got a Nest Doorbell and feeling patriotic? You'll love these Independence Day-themed ringtones from Google

Visit TalkAndroid

29 Jun 2022 7:03pm GMT

Leaked roadmap reveals what Motorola has in store for the second half of 2022 and beyond

It's only a couple of months since the leaked product roadmap which laid Motorola's portfolio of upcoming handsets, but its happened again with details on the brands' portfolio plan that reaches into 2023. According to the roadmap, Motorola unsurprisingly has a bunch of devices being developed in the affordable, mid-range, and premium categories. The leaked […]

Come comment on this article: Leaked roadmap reveals what Motorola has in store for the second half of 2022 and beyond

Visit TalkAndroid

29 Jun 2022 6:40pm GMT

The Asus ROG Phone 3 is finally getting its Android 12 update

It took a while for Asus to roll out the Android 11 update to the ROG Phone 3 and so it has proved with the Android 12 firmware, it's late but at least it's here now. This is possibly the last OS update that the ROG Phone 3 will receive with Asus having only committed […]

Come comment on this article: The Asus ROG Phone 3 is finally getting its Android 12 update

Visit TalkAndroid

29 Jun 2022 5:34pm GMT

feedAndroid Developers Blog

Independent versioning of Jetpack Compose libraries

Posted by Jolanda Verhoef, Android Developer Relations Engineer

Starting today, the various Jetpack Compose libraries will move to independent versioning schemes. This creates the possibility for sub-groups such as androidx.compose.compiler or androidx.compose.animation to follow their own release cycles.

Allowing these libraries to be versioned independently will decouple dependencies which were previously implicitly coupled, thereby making it easier to incrementally upgrade your application and therefore stay up-to-date with the latest Compose features.

The first library to break away from the single Compose version is the Compose Compiler. Today we're releasing the 1.2.0 stable version that brings support for Kotlin 1.7.0! The release is both backwards and forwards compatible with the Compose UI libraries and the Compose Runtime library. This means you can upgrade your Compose Compiler to 1.2.0 stable and use Kotlin 1.7.0, while leaving your other Compose libraries on their current version, for example 1.1.0 stable.

To upgrade the version of the Compose Compiler in your app, specify the kotlinCompilerExtensionVersion in your build.gradle file.

Compose and Kotlin are highly coupled, and we've heard your feedback that Compose compiler updates are needed to allow you to upgrade your Kotlin version. We want to make sure that you can use the latest and greatest features (and bug fixes) from both Compose and Kotlin, which is why we plan to release stable versions of the Compose Compiler on a much more regular basis. This means the Compose Compiler version numbers will progress at a faster pace than most other Compose libraries. Since the Compose Compiler is both forwards and backwards compatible, you will be able to upgrade it as soon as a new version is released.

The Compose Compiler is built as a Kotlin Compiler Plugin, and so you must use a version of the Compose Compiler which is compatible with the version of Kotlin that you have chosen. To help you choose the version that matches your project, check out the Compose-Kotlin compatibility map.

Moving the Compiler library to a different versioning scheme is the first step in decoupling versioning for the different Compose library groups. You'll see new stable releases for the other Compose libraries in the next few weeks, and then they will then start following their own release cycles independent of the Compose Compiler.

Prepare your build for individual versioning and start using the latest Compose Compiler and Kotlin versions now!

We look forward to seeing what you build with Compose!

android {
    composeOptions {
        kotlinCompilerExtensionVersion = "1.2.0"

29 Jun 2022 5:00pm GMT

28 Jun 2022


Don’t let the Metaverse tag put you off HTC’s new mid-range Desire 22 Pro

Tales of HTC's demise are ahead of themselves because the struggling former "King of Android" has just announced a new mid-range handset which focuses on the metaverse. There's nothing like preparing for low sales than developing a new phone for VR, a nice segment if ever there was one. Although it will probably be more […]

Come comment on this article: Don't let the Metaverse tag put you off HTC's new mid-range Desire 22 Pro

Visit TalkAndroid

28 Jun 2022 5:19pm GMT

Qualcomm lets slip that the Snapdragon 8 Gen 2 will be announced earlier than usual

Qualcomm usually announces its new flagship Snapdragon processor during a press jaunt held in Hawaii at the tail-end of the year, but according to a reliable leak, it seems that we'll learn about the Snapdragon 8 Gen 2 a month earlier. The source in question is Qualcomm itself, having inadvertently revealed the dates for its […]

Come comment on this article: Qualcomm lets slip that the Snapdragon 8 Gen 2 will be announced earlier than usual

Visit TalkAndroid

28 Jun 2022 4:46pm GMT

Arm launches a new flagship GPU and 2nd-Gen Armv9 Cortex CPUs

During a virtual news conference today, Arm announced its new flagship Armv9 Cortex processors and Mali graphic processing units which will feature in the next-generation of high-performance smartphones. The new processors are called the Armv9 Cortex-X3 (also known as the Super-core), the Cortex-A715, and the power efficient Cortex-A510, while the new GPUs are called the […]

Come comment on this article: Arm launches a new flagship GPU and 2nd-Gen Armv9 Cortex CPUs

Visit TalkAndroid

28 Jun 2022 3:59pm GMT

Full specs and renders leak for Samsung’s Galaxy XCover 6 Pro rugged smartphone

This isn't the first time that we've seen leaked renders of Samsung's Galaxy XCover 6 Pro but today's leak does imply that the launch of the rugged handset should be counted in days and weeks as opposed to months. There are more renders, and a more thorough set of specifications to pore over, so much […]

Come comment on this article: Full specs and renders leak for Samsung's Galaxy XCover 6 Pro rugged smartphone

Visit TalkAndroid

28 Jun 2022 3:17pm GMT

Samsung could launch the Galaxy S22’s One UI 5.0 beta program before the end of July

When it comes to software and security updates in the Android world, Samsung has been killing it. The Korean phone maker has consistently been the first OEM to roll out security patches to its handsets, often sooner than Google manages to do for its comparatively tiny inventory. Next on the horizon for Samsung is the […]

Come comment on this article: Samsung could launch the Galaxy S22's One UI 5.0 beta program before the end of July

Visit TalkAndroid

28 Jun 2022 2:28pm GMT

23 Jun 2022

feedAndroid Developers Blog

Developer-Powered CTS (CTS-D)

Posted by Sachiyo Sugimoto, Android Partner Engineering

A strength of Android is its diverse ecosystem of devices, brought to market by more than 24K distinct devices, and used by billions of people around the world. Since the early releases of Android, we've invested in our Android Compatibility Program as a way to ensure that devices continue to provide a stable, consistent environment for apps.

The Compatibility Test Suite (CTS) is a key part of the program - it is a collection of more than two million test cases that check Android device implementations to ensure developer applications run on a variety of devices and enable a consistent application experience for users.

Device makers run CTS on their devices throughout the development process, and use it to identify and fix bugs early. Over the years we have constantly expanded the suite by adding new test cases, and today CTS includes more than 2 million tests. It is still growing - as Android evolves, there are new areas to cover and there are also gaps where we are constantly working to create additional tests.

While most CTS tests are written by Android engineers, we know that app developers have a unique perspective on actual device compatibility issues. So to enhance CTS with better input from app developers, we are adding a new test suite called CTS-D that is built and run by developers like you.

What is CTS-D?

CTS-D is a new CTS module that is powered by app developers with a focus on pain points that they are seeing in the field. Developers can build and contribute test cases to CTS-D to help catch those issues, and they can run the CTS-D suite to verify compatibility. Longer term, our plan is to work closely with the Android developer community to expand the CTS-D suite.

We know that many of you have already created your own tests to verify compatibility on various devices. We want to work with you to bring those tests into AOSP, and you can see the first tests contributed by the community in the initial CTS-D commit here.

So with CTS-D, we are helping to make those kinds of tests available widely, to help device manufacturers and app developers identify and share issues more effectively.

How is CTS-D used?

CTS-D is open-sourced and available on AOSP, so any app developer can use it as a verification tool. Using CTS-D helps to minimize the communication overhead among app developers, device manufacturers and Google, helping to resolve issues effectively.

If a certain device does not pass a CTS-D test, please report the problem using this issue tracker template. After we verify the issue on the reported device, we will work with our partners to resolve it. We're also strongly advising device manufacturers to use CTS-D to discover and mitigate issues.

Get Started with CTS-D!

If you have an idea for CTS-D, please file a test proposal using this issue tracker template before contributing your test code to AOSP. The Android team will review your proposal and verify your test's eligibility. We're currently most interested in adding more test cases in the area of Power Management.

Just like with CTS, new CTS-D test cases must meet eligibility requirements and can only enforce the following:
  1. All public API behaviors that are described in Android developer documentation.
  2. All MUST requirements that are included in Android Compatibility Definition Document (CDD).
  3. Test cases that have not been covered by existing CTS test cases in AOSP
If you are interested in learning more about CTS-D, check out tutorials here on how to contribute to and utilize CTS-D. Note that the review process for new CTS-D test cases can take some time, so thanks for your patience. We hope you will give CTS-D a try soon. Let's collaboratively make the Android experience even better!

23 Jun 2022 5:00pm GMT

22 Jun 2022

feedAndroid Developers Blog

Notes from Google Play: making Play work for everyone


As Apps Partnerships lead for Google Play, I have the amazing opportunity of meeting with many companies who share great ideas and feedback on how we can support you creating and growing successful businesses.

In this latest edition of Notes from Google Play, I want to share some of your work that has inspired us, alongside what is top of mind for me and our team. What sums it up for me is our focus on making Google Play work for everyone. It's about making Play work better for all of you - the people behind apps and games - making it easier for you to grow apps and games business, and helping you better serve everyone, everywhere.

I will kick us off by sharing the story of OLIO, one of the many apps that has inspired me this year. OLIO is a community-driven app that is fighting to reduce food waste. The app provides a way for people to easily give away food to neighbors. Founders, Tessa Clarke and Saasha Celestial-One, had a goal to create local food sharing networks across the world and ensure nothing of value goes to waste. Having first launched the app in the UK, Tessa and Saasha's belief in their core mission helped them expand the app to 62 countries and counting, partnering with global stores to help them reach zero waste along the way.

The success of the OLIO app is a tale of two women from different backgrounds, with the same dream, made for the benefit of everyone and our planet. For me, this is what it's all about: ensuring that everyone is empowered to build a successful business that can benefit people around the globe.
So let me share more about some of my favorite tools and programs that we recently launched with this goal in mind.

Apps and games by everyone

Regardless of the size of your company, we want to make sure you have the insights and tools that enable you to make more informed decisions, and ultimately make it easy for you to build and improve your app or game business. Let's take a look at privacy and security as an example, as this is a critical topic.

We have various tools and programs to help you build safe and secure experiences for everyone and protect your business, including the Play Integrity API, Data Safety section, Privacy Sandbox on Android, and also the newly launched Google Play SDK Index.The index provides data and insights about more than 100 of the most widely used commercial SDKs. This can help you navigate third-party SDKs and align with Google Play policies, so that you make more informed decisions for your business and your users.

We also have programs designed for companies with various needs, from media companies building experiences across devices, to startups solving local problems in the first cohort of Appscale Academy in India. These 100 promising app innovators have already inspired us with their drive and creativity to build high-quality apps that serve and help people across India, and the world.

We're also excited to continue investing in programs designed to help grow businesses both big and small. These include the Google Play Partner Program which launched in March and is designed to help larger games businesses reach their growth and performance goals. We also just opened submissions for the Indie Games Accelerator and Indie Games Festival programs. We were particularly inspired by the alumni of the 2021 edition, and you can hear directly from Jimjum Studios in Israel, who create games that encourage kindness, community building, and generosity, in the first episode of Google Play Coffee breaks:

Beyond the size of the company, apps and games are built and run by people. So we are continuously investing in programs to drive diversity in the ecosystem and empower the next generations of app and game makers. Programs like Change the Game and our investment in organizations driving positive change in the games industry are just a couple of the programs I'm particularly proud of.

Apps and games for everyone

We believe everyone should have easy access to great app and game experiences. This enables people to lead better lives, and it helps you grow your businesses.

In order to help with this, we've made some updates that make it easier for everyone to access apps and games at a price that is right for them, which in turn helps you better monetise your apps or games. For example, you asked for more flexibility and less complexity in how you sell your subscriptions, so we launched new subscription capabilities. You can now create multiple base plans and offers for each subscription, all while significantly reducing the cost and complexity of managing an ever-increasing number of SKUs. Whether your aim is to better connect with people that are new to your business, or to retain your loyal users, you have the ability to create offers for everyone.

We've also invested in new tools that help people pay for your apps and games using the methods that suit them best, helping to improve your monetisation. Google Play Commerce provides buyer support in over 170 countries, and we've further increased access by adding to our payment method library, which now includes over 300 local payment methods in 70 countries. We also made changes to help you better adapt to local purchasing power by adding the option to lower prices, starting at the equivalent of 5 US cents in any market.

Serving people better doesn't only mean adapting pricing, but also optimizing your apps and games for the devices they are using, so they can get the best experience. Whether it's phones, wearables, tablets or TVs. We introduced new tools and resources to help you create better experiences on large screens and launched Google Play Games beta, to help you expand your game's reach to PCs.

Celebrating you

I started by highlighting OLIO as a business that was brought into existence by newcomers to the apps space, and yet managed to have a positive impact across the world. This is only one of so many inspiring examples out there. We've just launched #WeArePlay, a new campaign that celebrates you, the global community of people behind apps and games, and your unique stories. It represents teams of all sizes - some founded by longtime coders and others by tech newcomers, some based in big cities and others in smaller towns. These are short stories that tell personal journeys of making apps or games that are solving a problem or bringing joy to people everywhere.

I look forward to watching you all continue to build amazing app and game experiences, grow your businesses, and enthrall your users. Here's to you and your achievements - let's continue to celebrate every step forward and each small win. That's what makes us all grow.

Take care of yourselves and each other,

Sarah Karam

Director, Global Apps Partnerships, Google Play

22 Jun 2022 11:12pm GMT

#WeArePlay | Discover the people building apps & games businesses

Posted by Patricia Correa, Director, Global Developer Marketing

Over 2.5 billion people come to Google Play every month to find apps and games created by millions of businesses from all over the world.

#WeArePlay celebrates you: the global community of people behind these businesses.

Each one of you creating an app or game has a different story to tell. Some of you have been coders since childhood, others are newbies who got into tech later in life. Some of you are based in busy cities, others in smaller towns. No matter who you are or how different your story is, you all have one thing in common - you have the passion to turn an idea into a business impacting people all over the world.

Now, and over the coming months, #WeArePlay celebrates you by sharing your stories.

We are kicking off the series with the story of Yvonne and Alyssa, the London-based mother and daughter duo who created Frobelles - a dress up game increasing representation of African and Caribbean hair styles.

You can now also discover the stories of friends Ronaldo, Carlos and Thadeu from Hand Talk Translator (Brazil - my home country!), art lover Zuzanna from DailyArt (Poland) and travel-loving couple Ina & Jonas from TravelSpend (Germany).

To all apps and games businesses - thank you for being a part of the Google Play community. Your dedication and ambition is helping millions of people learn, connect, relax, exercise, find jobs, give back, laugh, have fun, escape to fantasy lands, and so much more.

Read more and stay tuned for many more stories at g.co/play/weareplay

How useful did you find this blog post?

22 Jun 2022 4:00pm GMT

16 Jun 2022

feedAndroid Developers Blog

Privacy Sandbox Developer Preview 3: Support for conversion measurement, custom audiences, and ad selection

Posted by Fred Chung, Android Developer Relations

Privacy Sandbox Developer Preview 3

The Privacy Sandbox on Android aims to develop new solutions that preserve user privacy and enable effective, personalized advertising experiences for apps. Since our first developer preview, we've shared progress updates and continue to engage the industry on everything from the Developer Preview timeline, to Topics taxonomy, to SDK version management. We appreciate your feedback!

Today, we're releasing Developer Preview 3, which includes APIs and developer resources for conversion measurement and remarketing use cases. In addition to the preview of SDK Runtime and Topics APIs released earlier, you can for the first time begin testing and evaluating impact on all key APIs for Privacy Sandbox on Android.

Event-Level and Aggregate Attribution Reporting APIs

These APIs allow developers to measure when an ad click or view event leads to a conversion, such as the download of a new game. They support key use cases for attribution across apps and the web, and improve user privacy by removing reliance on cross-party user identifiers.

This release includes a developer guide and sample apps to help you understand client- and server-side set up and interactions for key parts of the attribution reporting workflow, including:

To help facilitate testing, the release also supports ADB commands to override reporting time windows. Refer to the API reference to learn more about the Android client APIs.

Custom Audience and Ad Selection APIs

Part of FLEDGE for Android, these APIs provide the building blocks to serve customized ads to users based on previous app engagement, without third-party data sharing. You'll be able to:

To learn more, refer to the Custom Audience and Ad Selection API reference pages, as well as the release notes.

Other key features

If you're just starting to explore the Developer Preview, please also review the supported features described in the SDK Runtime and Topics API developer guides.

If you need a refresher on key technologies for the Privacy Sandbox on Android, we recommend watching this overview video and reviewing the design proposals.

Get started with the Developer Preview

Today's Developer Preview release provides the resources you need to begin early testing of features and share feedback. To get started developing, see instructions to set up the SDK and system images on the emulator or supported Pixel devices.

For more information on the Privacy Sandbox on Android Developer Preview, visit the developer site and sign up for our newsletter to receive regular updates.

16 Jun 2022 4:59pm GMT

13 Jun 2022

feedAndroid Developers Blog

Google Play @ Google I/O - 3 updates you need to know

Posted by Tom Grinsted - Group Product Manager, Google Play

notification icons

Here at Google Play, we're always working on new ways to help developers grow their businesses, whether that's by increasing installs, improving engagement, or boosting monetization. So in case you missed it, here are the top 3 new ways to grow your business that we announced at this year's Google I/O:

#1: Improved custom store listings

Custom store listings have gotten a major update, giving you new ways to make a great first impression by showing the right message to each person.

You can now generate unique deep links to your custom listings, so you can show different listings to users depending on which channel or site they come from. And because Play Console provides analytics for each of your custom listings, you can see how effective each variation is and optimize them over time.

All developers can create up to 50 custom store listings, so you can create more tailored narratives for your users than ever before. With up to 5 experiments per listing, the opportunities for optimization are huge!

Custom store listings have gotten a major update, giving you new ways to improve your conversion rate.

Custom store listings have gotten a major update, giving you new ways to improve your conversion rate.

#2: LiveOps open beta

LiveOps are self-service merchandising units in the Play Store that promote limited-time events, offers, and major updates for your game or app. Developers in our beta can submit content to help inspire installs, increase engagement, and drive sales.

Plus, they can now use deep links to drop users directly into the most relevant part of their app or game, then measure success with the new LiveOps reporting dashboard in Play Console. These reports give a granular view of the performance metrics of each event, displaying the results over time and by outcome - whether that's acquisitions, opens, or updates.

Learn more about LiveOps and express interest in our beta program here.

Developers in our LiveOps beta can submit content to be featured on the Google Play Store.

#3: New flexible tools to grow your subscriptions

As subscription business models evolve, many developers have asked us for more flexibility and less complexity in how they sell subscriptions. In a major update, we launched new subscription capabilities, allowing you to configure multiple base plans and offers for each subscription. Acquire new subscribers, incentivize upgrades, and retain existing subscribers, by creating multiple offers supporting different stages of the subscription lifecycle, all while significantly reducing the cost and complexity of managing an ever-increasing number of SKUs.

For each subscription, you can now configure multiple base plans and offers, without needing to manage an ever-increasing number of SKUs.

Plus, you can now offer prepaid plans that give users access for a fixed amount of time, and make a great option for regions where pay-as-you-go is standard or for users not ready to commit to an auto-renewing plan. Users can easily extend their access period at any time before plan expiration, with a top-up in your app, or right on the Play Store subscription screen.

That was just three launches from a whole bunch of great updates to help you grow and thrive with Play. Want to see more? Be sure to catch the full playlist on Google Play from Google I/O.

13 Jun 2022 4:59pm GMT

08 Jun 2022

feedAndroid Developers Blog

Android 13 Beta 3 and Platform Stability

Posted by Dave Burke, VP of Engineering

Android13 Logo

Today we're releasing the third Beta of Android 13, taking us into the final phase of our cycle where we're focusing on polish and performance. With Android 13, we've built on our core themes of privacy and security, developer productivity, and tablet and large screen support.

There's a lot to explore in Android 13, from privacy features like the new notification permission and photo picker, to productivity features like themed app icons and per-app language support, as well as modern standards like HDR video, Bluetooth LE Audio, and MIDI 2.0 over USB. We've also extended the newer updates we made in 12L, giving you better tools to take advantage of the 270+ million tablet and large screen devices in active use.

Beta 3 takes Android 13 to Platform Stability, which means that the developer APIs and all app-facing behaviors are now final. We're thankful for all the feedback you've shared to help us get to this point! For developers, the focus is now on compatibility testing and quality as you prepare your apps for the official release later in the year!

You can get Beta 3 on your Pixel device by enrolling here for over-the-air updates. If you previously enrolled, you'll automatically get today's update. You can also try Android 13 Beta on select devices from several of our partners - learn more at android.com/beta. Read on for a quick look at how to get your app ready, and visit the Android 13 developer site for details.

Platform Stability

With Beta 3, Android 13 reaches Platform Stability, a milestone that means all app-facing behaviors and APIs, including the official API Level 33 SDK and NDK APIs, are now final. So from Beta 3, you can confidently develop and release your compatibility updates knowing that the platform won't change.

Platform stability timeline with stable at the June mark

We're asking all app and game developers to start your final compatibility testing now and prepare to publish your compatibility updates as soon as possible ahead of the final release.

For all SDK, library, tools, and game engine developers, it's even more important to start testing now and release your compatible updates as soon as possible -- your downstream app and game developers may be blocked until they receive your updates. So when you've released a compatible update, be vocal and let your developers know!

App compatibility

App compatibility means that your app runs as intended on a new version of the platform. With each release, we make integral changes to the platform that improve privacy and security and the overall user experience across the OS. These can affect your apps, so it's important to test your app now, make any updates needed, and publish a compatible update to your users ahead of the final release. It's a basic but critical level of quality that your users will appreciate as they explore what's new in Android 13.

To test your app for compatibility, just install your production app from Google Play or other source onto a device running Android 13 Beta 3. Work through all of the app's flows and watch for functional or UI issues. Review the behavior changes to focus your testing. Here are some changes to watch for:

Also remember to test the libraries and SDKs in your app for compatibility. If you find any issues, try updating to the latest version of the library or SDK or reaching out to the developer for help.

Once you've published the compatible version of your current app, you can start the process to update your app's targetSdkVersion. Review the behavior changes for apps targeting Android 13 and use the compatibility framework to help you detect issues quickly. Here are some of the changes to test for (these apply only to apps with targetSdkVersion set to API 33 or higher):

Tablets and large-screens support

Android 13 builds on the tablet optimizations introduced in 12L, so as part of your testing, make sure your apps look their best on tablets and other large-screen devices. You can test with the large screens features by setting up an Android emulator in Android Studio, or you can use a large screen device from our Android 13 Beta partners. Here are some areas to watch for:

You can read more about the tablet features in Android 13 and what to test here.

Get started with Android 13!

Today's Beta release has everything you need to test your app and try the Android 13 features. Just enroll your Pixel device to get the update over-the-air. To get started, set up the Android 13 SDK.

You can also test your app with Android 13 Beta on devices from several of our partners. Visit android.com/beta to see the full list of partners, with links to their sites for details on their supported devices and Beta builds, starting with Beta 1. Each partner will handle their own enrollments and support, and provide the Beta updates to you directly. For even broader testing, you can try Android 13 Beta 3 on Android GSI images, and if you don't have a device, you can test on the Android Emulator.

For complete details on Android 13, visit the Android 13 developer site.

08 Jun 2022 5:13pm GMT

07 Jun 2022

feedAndroid Developers Blog

Progress on initiatives to keeping Google Play safe

Posted by Krish Vitaldevara Director, Product Management, Play and Android Trust & Safety

Google Play Privacy

We want to keep you updated on the privacy and security initiatives we shared earlier this year, so you can plan ahead and use new tools to safely build your business. In the past few months, we launched:

What's coming up

Thank you for your partnership in making Google Play a safe and trustworthy platform for everyone.

07 Jun 2022 4:59pm GMT

06 Jun 2022

feedAndroid Developers Blog

3 things to know about Android Privacy, Platform & Security from Google I/O'22

Posted by Dan Galpin, Developer Relations Engineer

Blue security symbols

Amidst the whirlwind of content at Google I/O, we shared huge announcements involving privacy, security, and the Android platform. Read on for the details, and don't forget to watch the topic playlist on YouTube.

#1: Privacy Sandbox on Android

We recently released the first Privacy Sandbox on Android Developer Preview, so you can get an early look at the SDK Runtime and Topics API. This provides a path for new advertising solutions that improve user privacy without putting access to free content and services at risk.

You can conduct preliminary testing of these new technologies, evaluate how you might adopt them for your solutions, and share feedback with us. Learn more in the "Overview of the Privacy Sandbox in Android" session.

#2: Google Play SDK Index

The new Google Play SDK index is a public portal that lists over 100 of the most widely used commercial SDKs. It contains information like which app permissions the SDK requests, statistics on the apps that use them, and which version of the SDK is most popular, so you can evaluate if an SDK is right for your business and your users. Android Studio Electric Eel allows you to view dependency insights from Google Play SDK Index; if a specific version of a library has been marked as 'outdated' by its author, a corresponding Lint warning appears when viewing that dependency definition. Learn more on our blog post and watch the "What's new in Google Play" and "What's new in Android development tools" sessions.

#3: Android 13!

The second Beta of Android 13 is now available. You can enhance your app with Android 13 features like app-specific language support and themed app icons, while the "Basics for System Back" talk covers the new Android 13 opt-in API that lets you tell the system that you're handling back ahead of time to make the back experience more predictable and fluid.

The "Developing Privacy User-centric Apps" session will help you get your apps ready for the latest features for privacy and security, like the new notification permission, the privacy-protecting photo picker, and improved permissions for pairing with nearby devices and accessing media files.

The "What's new in Android Media" talk will help you build with modern standards like HDR video and Bluetooth LE Audio, while the "What's New in Android Camera" talk provides a … snapshot … of what we're doing in CameraX, such as support for video capture and WYSIWYG camera controls.

You can get started by enrolling your Pixel device here. The Android 13 Beta is now available to test on a range of devices from Asus, Lenovo, Nokia, OnePlus, Oppo, Realme, Sharp, TECNO, Vivo, Xiaomi, and ZTE - visit developer.android.com/13 to learn more.

This is just a fraction of what we're doing to improve the Android platform, user privacy, and security. Head on over to the playlist to learn more.

06 Jun 2022 5:01pm GMT

01 Jun 2022

feedAndroid Developers Blog

Submissions now open: Indie games programs to help developers grow with Google Play

Posted by Leticia Lago, P&E Developer Marketing

Google Play Indie Games Festival and Accelerator

At Google Play we're committed to helping developers of all sizes reach their full potential, and go further, faster. Today we're opening submissions for our two annual programs supporting the indie game community, as they bring some of the most innovative titles to players worldwide.

If you are an indie games developer, check out our Accelerator and Festival programs, where you have the chance to boost your game's visibility, get training, and tap into our community of gaming experts.

These programs are designed to help you grow no matter what stage you are in:

After being selected as a Festival finalist and participating in the Accelerator in 2021, Co-founder of Jimjum Studios, Nimrod Kimhi said "being in the Accelerator probably saved us two years worth of mistakes." Read below to learn more about the programs.

Submissions are open until July 1st.

Supercharge your growth with mentorship & live masterclasses

If you're an indie developer who is early in your journey - either close to launching a new game or have recently launched a title - this high-impact program is designed for you.

With the help of our network of gaming experts, the Indie Games Accelerator provides education and mentorship to help you build, launch and grow successfully.

Selected game studios will be invited to take part in the 10-week acceleration program starting in September 2022. This is a highly-tailored program for small game developers from across 70+ eligible countries. It includes a series of online masterclasses, talks and gaming workshops, hosted by some of the best in the industry.

You'll also get the chance to meet and connect with other passionate developers from around the world who are looking to take their games to the next level.

Apply to the Accelerator by July 1st.

Win promotions that put your indie game in the spotlight

If you have recently launched a new, high quality game on Google Play, enter your game to be showcased at the Indie Games Festival and win promotions.

Once again, we are hosting three international competitions for indie game developers from selected European countries, Japan or South Korea.

The Festival jury consists of both gaming experts and Googlers, who are charged with selecting creative indie games that are ready for the spotlight.

Top indie games will be featured during the online Festival finals, where you can get your game discovered by game industry experts and players worldwide. The winners will also get featured on Google Play, prizes and additional promotions such as campaigns worth 100,000 EUR.

Apply to the Festivals in Europe, Japan or South Korea by July 1st.

All submissions must be completed by 1 July @ 1 pm CET and meet all eligibility requirements.

For more updates about all of our programs, resources and tools for indie game developers, follow us on Twitter @GooglePlayBiz and Google Play business community on LinkedIn.

How useful did you find this blog post?

Google Play logo

01 Jun 2022 2:37pm GMT

31 May 2022

feedAndroid Developers Blog

3 things to know about Form Factors at Google I/O'22

Three different form factors- a phone, watch, and tablet

With close to half a billion cars, TVs, watches and laptops running on Android, it is more important than ever for apps to work seamlessly across every device. This year at I/O, we renewed our focus on form factors and announced major updates for Wear OS and Large Screens. To help you get to the bottom of what's new, here are the three things you need to know about Form Factors at Google I/O:

#1: Building Wear OS and fitness apps is simpler than ever

Compose for Wear OS GIF

At I/O we announced the Beta release of Compose for Wear OS, our modern declarative UI toolkit designed to help developers build exceptional user experiences for Wear OS. Compose for Wear OS shares the foundation and principles of Jetpack Compose, helping to simplify and accelerate UI development. Additionally, Compose for Wear OS offers the Material catalog with components that are optimized for the watch experience.

We've been developing Compose for Wear OS with open source community feedback and participation. Since the Developer Preview, we've added and improved a number of components such as navigation, scaling lazy lists, input and gesture support and many more. Compose for Wear OS is now feature complete for the 1.0 release coming soon and the API is stable - so you can begin building beautiful, production-ready apps.

Health Services Logo

Health Services-the power efficient and easy-to-use library for collecting real-time sensor data on smartwatches-will soon be available in beta and ready for production use. Health Services enables apps to take advantage of modern smartwatch architecture, thus helping conserve battery while still delivering high frequency data. Since the alpha release last year, we have been working hard to increase performance and improve the developer experience. We have also made some improvements to the API in response to your feedback.

If you have an existing health and fitness app for Wear OS you want to update, or have a completely new app in mind, we suggest you look at Health Service to provide the best experience for Wear 3 users and prepare your app for additional devices and sensors in the future. For example, this library will power all the Google- and Fitbit-branded health and fitness experiences on the recently announced Google Pixel Watch.

Health Conect Logo

And, last but not least, we just launched Health Connect. With Health Connect, users will be able to securely store health and fitness data on their phone and connect and share that data with some of their favorite health and fitness apps. Samsung Health, Google Fit and Fitbit are integrating with Health Connect, along with many popular health and fitness apps. Health Connect is a common set of APIs for storing & sharing health data on Android phones. Developers can read from & write data to an on-device data store and we've standardized the schema and API behavior, making it easy for you to use the data. We know how important the privacy of each user's health data is, so we centralized permissions and privacy controls - making it clear and simple for your users to manage and control this data.

#2: Google is all-in on tablets

Google is going big on large screens with innovations in hardware, optimizations in the operating system and a major investment in our app ecosystem. In the first quarter of this year, we saw active large screen users approaching 270 million, making it a great time to optimize for tablets, foldables and Chrome OS.

Since last I/O we launched Android 12L, a feature drop that makes Android 12 even better on large screens. With Android 13, we are including all of these improvements and more. Android 12L and 13 have a huge number of optimizations for large screens, including the task bar, multi-tasking, keyboard and mouse support, and a compatibility mode for applications. We also have exciting updates to guidance, testing and tools. To take the guesswork out of optimizing and testing your app for large screens, we created a set of Large Screen Quality guidelines and a number of Material Design Canonical Layouts. Our guidance is implemented in our Jetpack libraries, which bake in many of the most common tasks for Large Screen development, such as drag and drop.

Quote from Developer at Meta

Hardware innovation is a cornerstone of Google's investment in large screens - this year and beyond. At I/O, we announced the Google Pixel tablet, coming in 2023. Plus, our partners are creating some amazing devices with tablets, Chromebooks, and foldables coming from companies like Samsung, Lenovo, and OPPO.

With the incredible hardware and operating system innovations, more apps than ever are optimizing for large screens. Apps like Facebook, TikTok, HBO Max and Zoom look great on large screens. Here at Google, we recognize the opportunity with large screens. Apps like YouTube, Google Maps, Google Photos, Chrome, and many of our most popular apps are rolling out large screen optimizations, with more to come.

These apps - and more - are available on the Play Store, where we have made some of our most impactful updates to date. We are committed to helping users find the best large-screen optimized apps in the Play Store with new large screens focused editorial content and separate reviews and ratings for large-screen applications. Plus, we are updating Google Play to look awesome on a tablet, Chromebook or foldable device.

#3: We're here to support you!

To make your apps even better on large screens and Wear OS, we've created in-depth content for making your app work better across different types of inputs, screen sizes and devices.

In Android Studio Dolphin Beta and Electric Eel Canary we've added new features for Wear OS and Large screens to help you be more productive when developing and testing for different form factors. Read more

Looking to get started? Here's all the amazing I/O content to help you on your way:

31 May 2022 5:19pm GMT

27 May 2022

feedAndroid Developers Blog

Implementing Dynamic Color: Lessons from the Chrome team

Posted by Rebecca Gutteridge, Developer Relations Engineer on Android

blue and green phone illustration


With the release of Android 12 and Material You, we provided documentation and guidance on dynamic color foundations, how to implement dynamic color in Jetpack Compose and a getting started codelab. But creating a scalable, personalized, and accessible app with dynamic color can feel like a daunting task. We talked to designers and developers on Google Chrome, and they offered to share some tips on how they approached it at scale for their Android app. Here's what they suggest if you are considering adopting dynamic color in your app.

Where to start

Start by reviewing all your current screens in your app and identify your current colors, themes and surfaces. Chrome kicked off a design review and evaluated their color scheme. Material 3 encourages designers and developers to use color tokens which enable flexibility and consistency across an app by allowing designers to assign an element's color role in a UI, rather than a set value. This is particularly powerful when considering designing for light and dark themes and dynamic color.

An example surface for Chrome, the Tab Switcher, identifying the color token for each element

Figure 1 : An example surface for Chrome, the Tab Switcher, identifying the color token for each element

Your app may already have a color token system, so reviewing how the new Material You dynamic color enabled color scheme matches your previous naming convention is an important exercise. Engineering should align with UX to review the new color token system with your mocks. This is also a good opportunity to review your current colors.xml, themes.xml and styles.xml.In particular check that your app correctly differentiates between Styles and Themes as well as correctly extending from base themes. It is also worth reviewing if there are redundant colors in your existing scheme or an opportunity to make a more consistent color scheme throughout your app. Dynamic color implementation with Compose is also available.


Ensuring your app's color system is accessible is critical for designing for everyone and creating products that are inclusive to the widest possible audience. Dynamic color is committed to guaranteeing that the color selection model has accessibility requirements built in. Material 3 color schemes are defined by tonality rather than hue or hex value, this system of tonal palettes is central to making any color system accessible by default. Using a minimum 60 luminance spread in color pairings provides enough contrast to ensure accessibility standards.

Combining color based on tonality, rather than hex value or hue, is one of the key systems that make any color output accessible.

Figure 2 : Combining color based on tonality, rather than hex value or hue, is one of the key systems that make any color output accessible.

Phase approach

When looking at implementation, consider this upgrade as a phased approach if needed, targeting the primary surfaces first and leveraging that dynamic color can be applied at a per activity level. This was how Chrome was able to update their app and used it as an opportunity to migrate some of their older UI app compat components to the modern Material 3 components, such as Top app bar.

How to support custom colors

Your app may have custom colors or brand colors that you do not want to change with the user's preference. These can simply be added additionally as you are building out your color scheme. Alternatively you can import additional colors to extend your color scheme using the Material Theme Builder to create a unified color system. The theme builder includes a color harmonization feature that shifts the tone of a custom color to ensure that visual balance and accessible contrast is achieved when combined with user-generated colors.

Understand how to harmonize custom colors with the Material guidance.

Figure 3: Understand how to harmonize custom colors with the Material guidance.

For Chrome, here is a deep dive into two examples of where protected colors are important for them and how they approached it.

Publisher colors

It is important that Chrome allows for brands to keep their known colors and not impact that functionality when adopting dynamic color.

Publishers have the ability to set a publisher color using a metadata element in their html. The top toolbar is controlled using a decision tree to programmatically determine the toolbar color and icon color based on a series of cascading rules:


In Incognito mode, the dark gray color scheme has a semantic importance and reassurance for users. Chrome decided to preserve and leverage their existing color system and not change it dynamically.

Phone showing incognito mode

Figure 4: Incognito mode remains the same

To achieve this, Chrome defined non adaptive colors that map to hex values and adaptive colors that map to different non adaptive colors for day/night mode. For incognito mode, Chrome uses the dark non adaptive colors as they are easily recognized by the users as incognito. With these adaptive colors, Chrome created a baseline theme.

The table below shows what their background colors look like after applying dynamic colors:

Table showing what background colors look like after applying dynamic colors

Themes and Theme Overlays

One thing to consider for adhering to theme best practices, is to leverage Theme Overlays properly. The Chrome team used this opportunity to refactor their themes and leveraged the power of Theme Overlays for a given activity. At times Chrome saw that full themes were being used where a ThemeOverlay would be more appropriate. Dynamic color and Material3 encourages better code hygiene.

Take a look at this example, previously the theme for full screen dialogs inherited from a full theme. This overrode all the attributes from the activity theme, undoing the dynamic colors or any overrides that are applied at the activity level. With the dynamic color work, the team became more deliberate in how they define and use their theming.


    <style name="Base.Theme.Chromium.Fullscreen" parent="Theme.BrowserUI.DayNight">
    <item name="windowActionBar">true</item>
          <item name="colorPrimary">...</item>
          <item name="colorAccent">...</item>


    <style name="Base.ThemeOverlay.BrowserUI.Fullscreen" parent="">
    <item name="android:windowContentTransitions">false</item>

Recommendations from Google Chrome designers

This section shares some key lessons that Chrome's designers applied to successfully create an intentional and unified theme

Recommendations from Google Chrome developers

This section shares some key lessons that Chrome's developers applied to successfully migrate

Dynamic color is coming to more Android 12 phones globally, including devices by Samsung, OnePlus, Oppo, Vivo, realme, Xiaomi, Tecno, and more! As you work with dynamic color in your app, we'd love to get your feedback via the Material Android issue tracker. Happy coloring!

27 May 2022 5:07pm GMT

23 May 2022

feedAndroid Developers Blog

Modern Android Development at Google I/O ‘22

Posted by Nick Butcher, Developer Relations Engineer

Blue Jetpack Compose logo

Our goal is to make developing beautiful and engaging Android apps as fast and easy as possible. We want to take on the complex parts of building apps so that you can focus on your app's features and deliver high quality experiences to your users.

We call this approach Modern Android Development (or MAD for short!) and deliver it through a suite of tools, libraries and guidance. At Google I/O we announced a number of updates and additions to our MAD offerings; here's a recap of the three largest announcements.

#1 Compose 1.2 Beta

Jetpack Compose 1.2 reaches the first Beta, which means the API is stable. We continue to build out our roadmap, bringing the APIs you need to support more advanced use cases like downloadable fonts, LazyGrids, window insets, nested scrolling interop, and more tooling support with features like LiveEdit, Recomposition counts in the Layout Inspector and Animation Preview. Learn more about how developers like Airbnb are improving their productivity with Jetpack Compose, and check out what else is new in Compose.

#2 Baseline Profiles

Baseline profiles allow you to embed a profile to guide the Android Runtime about which code paths should be pre-compiled rather than interpreted, which could dramatically impact critical user journeys like app startup. This is especially significant when using unbundled libraries like Jetpack Compose which don't benefit from optimizations in platform code.

Many Jetpack libraries (including Jetpack Compose) already ship baseline profiles, but you can learn how to add them to your own apps and libraries to boost their performance. We've seen up to 40% faster app startup times thanks to adding baseline profiles alone, no other code changes required!

#3 Live Edit

With Live Edit you can edit composables and view those changes in real time, on the Compose Preview or on physical devices or emulators, enabling rapid iteration. Live Edit is an opt-in experimental feature in Android Studio Electric Eel, with a number of limitations. Please try it out and provide your feedback.

Those were the top three announcements about Modern Android Development at Google I/O. To learn more, check out the full playlist of talks and workshops.

23 May 2022 5:00pm GMT

17 May 2022

feedAndroid Developers Blog

Boost the security of your app with the nonce field of the Play Integrity API

Posted by Oscar Rodriguez, Developer Relations Engineer

illustration with a mobile device displaying a security shield with a check mark, flow chart imagery, and Android logo

With the recent launch of the Play Integrity API, more developers are now taking action to protect their games and apps from potentially risky and fraudulent interactions.

In addition to useful signals on the integrity of the app, the integrity of the device, and licensing information, the Play Integrity API features a simple, yet very useful feature called "nonce" that, when correctly used, can further strengthen the existing protections the Play Integrity API offers, as well as mitigate certain types of attacks, such as person-in-the-middle (PITM) tampering attacks, and replay attacks.

In this blog post, we will take a deeper look at what the nonce is, how it works, and how it can be used to further protect your app.

What is a nonce?

In cryptography and security engineering, a nonce (number once) is a number that is used only once in a secure communication. There are many applications for nonces, such as in authentication, encryption and hashing.

In the Play Integrity API, the nonce is an opaque base-64 encoded binary blob that you set before invoking the API integrity check, and it will be returned as-is inside the signed response of the API. Depending on how you create and validate the nonce, it is possible to leverage it to further strengthen the existing protections the Play Integrity API offers, as well as mitigate certain types of attacks, such as person-in-the-middle (PITM) tampering attacks, and replay attacks.

Apart from returning the nonce as-is in the signed response, the Play Integrity API doesn't perform any processing of the actual nonce data, so as long as it is a valid base-64 value, you can set any arbitrary value. That said, in order to digitally sign the response, the nonce is sent to Google's servers, so it is very important not to set the nonce to any type of personally identifiable information (PII), such as the user's name, phone or email address.

Setting the nonce

After having set up your app to use the Play Integrity API, you set the nonce with the setNonce() method, or its appropriate variant, available in the Kotlin, Java, Unity, and Native versions of the API.


val nonce: String = ...

// Create an instance of a manager.
val integrityManager =

// Request the integrity token by providing a nonce.
val integrityTokenResponse: Task<IntegrityTokenResponse> =
             .setNonce(nonce) // Set the nonce


String nonce = ...

// Create an instance of a manager.
IntegrityManager integrityManager =

// Request the integrity token by providing a nonce.
Task<IntegrityTokenResponse> integrityTokenResponse =
            .setNonce(nonce) // Set the nonce


string nonce = ...

// Create an instance of a manager.
var integrityManager = new IntegrityManager();

// Request the integrity token by providing a nonce.
var tokenRequest = new IntegrityTokenRequest(nonce);
var requestIntegrityTokenOperation =


/// Create an IntegrityTokenRequest object.
const char* nonce = ...
IntegrityTokenRequest* request;
IntegrityTokenRequest_setNonce(request, nonce); // Set the nonce
IntegrityTokenResponse* response;
IntegrityErrorCode error_code =
        IntegrityManager_requestIntegrityToken(request, &response);

Verifying the nonce

The response of the Play Integrity API is returned in the form of a JSON Web Token (JWT), whose payload is a plain-text JSON text, in the following format:

  requestDetails: { ... }
  appIntegrity: { ... }
  deviceIntegrity: { ... }
  accountDetails: { ... }

The nonce can be found inside the requestDetails structure, which is formatted in the following manner:

requestDetails: {
  requestPackageName: "...",
  nonce: "...",
  timestampMillis: ...

The value of the nonce field should exactly match the one you previously passed to the API. Furthermore, since the nonce is inside the cryptographically signed response of the Play Integrity API, it is not feasible to alter its value after the response is received. It is by leveraging these properties that it is possible to use the nonce to further protect your app.

Protecting high-value operations

Let us consider the scenario in which a malicious user is interacting with an online game that reports the player score to the game server. In this case, the device is not compromised, but the user can view and modify the network data flow between the game and the server with the help of a proxy server or a VPN, so the malicious user can report a higher score, while the real score is much lower.

Simply calling the Play Integrity API is not sufficient to protect the app in this case: the device is not compromised, and the app is legitimate, so all the checks done by the Play Integrity API will pass.

However, it is possible to leverage the nonce of the Play Integrity API to protect this particular high-value operation of reporting the game score, by encoding the value of the operation inside the nonce. The implementation is as follows:

  1. The user initiates the high-value action.
  2. Your app prepares a message it wants to protect, for example, in JSON format.
  3. Your app calculates a cryptographic hash of the message it wants to protect. For example, with the SHA-256, or the SHA-3-256 hashing algorithms.
  4. Your app calls the Play Integrity API, and calls setNonce() to set the nonce field to the cryptographic hash calculated in the previous step.
  5. Your app sends both the message it wants to protect, and the signed result of the Play Integrity API to your server.
  6. Your app server verifies that the cryptographic hash of the message that it received matches the value of the nonce field in the signed result, and rejects any results that don't match.

The following sequence diagram illustrates these steps:

Implementation diagram for encoding the value of the operation inside the nonce. Steps outlined in the body of the blog.

As long as the original message to protect is sent along with the signed result, and both the server and client use the exact same mechanism for calculating the nonce, this offers a strong guarantee that the message has not been tampered with.

Notice that in this scenario, the security model works under the assumption that the attack is happening in the network, not the device or the app, so it is particularly important to also verify the device and app integrity signals that the Play Integrity API offers as well.

Preventing replay attacks

Let us consider another scenario in which a malicious user is trying to interact with a server-client app protected by the Play Integrity API, but wants to do so with a compromised device, in a way so the server doesn't detect this.

To do so, the attacker first uses the app with a legitimate device, and gathers the signed response of the Play Integrity API. The attacker then uses the app with the compromised device, intercepts the Play Integrity API call, and instead of performing the integrity checks, it simply returns the previously recorded signed response.

Since the signed response has not been altered in any way, the digital signature will look okay, and the app server may be fooled into thinking it is communicating with a legitimate device. This is called a replay attack.

The first line of defense against such an attack is to verify the timestampMillis field in the signed response. This field contains the timestamp when the response was created, and can be useful in detecting suspiciously old responses, even when the digital signature is verified as authentic.

That said, it is also possible to leverage the nonce in the Play Integrity API, to assign a unique value to each response, and verifying that the response matches the previously set unique value. The implementation is as follows:

  1. The server creates a globally unique value in a way that malicious users cannot predict. For example, a cryptographically-secure random number 128 bits or larger.
  2. Your app calls the Play Integrity API, and sets the nonce field to the unique value received by your app server.
  3. Your app sends the signed result of the Play Integrity API to your server.
  4. Your server verifies that the nonce field in the signed result matches the unique value it previously generated, and rejects any results that don't match.

The following sequence diagram illustrates these steps:

Implementation diagram for assigning a unique value to each response, and verifying that the response matches the previously set unique value. Steps outlined in the body of the blog.

With this implementation, each time the server asks the app to call the Play Integrity API, it does so with a different globally unique value, so as long as this value cannot be predicted by the attacker, it is not possible to reuse a previous response, as the nonce won't match the expected value.

Combining both protections

While the two mechanisms described above work in very different ways, if an app requires both protections at the same time, it is possible to combine them in a single Play Integrity API call, for example, by appending the results of both protections into a larger base-64 nonce. An implementation that combines both approaches is as follows:

  1. The user initiates the high-value action.
  2. Your app asks the server for a unique value to identify the request
  3. Your app server generates a globally unique value in a way that malicious users cannot predict. For example, you may use a cryptographically-secure random number generator to create such a value. We recommend creating values 128 bits or larger.
  4. Your app server sends the globally unique value to the app.
  5. Your app prepares a message it wants to protect, for example, in JSON format.
  6. Your app calculates a cryptographic hash of the message it wants to protect. For example, with the SHA-256, or the SHA-3-256 hashing algorithms.
  7. Your app creates a string by appending the unique value received from your app server, and the hash of the message it wants to protect.
  8. Your app calls the Play Integrity API, and calls setNonce() to set the nonce field to the string created in the previous step.
  9. Your app sends both the message it wants to protect, and the signed result of the Play Integrity API to your server.
  10. Your app server splits the value of the nonce field, and verifies that the cryptographic hash of the message, as well as the unique value it previously generated match to the expected values, and rejects any results that don't match.

The following sequence diagram illustrates these steps:

implementation diagram for combining both protections. Steps outlined in the body of the blog.

These are some examples of ways you can use the nonce to further protect your app against malicious users. If your app handles sensitive data, or is vulnerable against abuse, we hope you consider taking action to mitigate these threats with the help of the Play Integrity API.

To learn more about using the Play Integrity API and to get started, visit the documentation at g.co/play/integrityapi.

17 May 2022 5:00pm GMT

12 May 2022

feedAndroid Developers Blog

Airbnb uses Jetpack Compose to empower devs to do their best work

How Compose enables Airbnb to create better host and guest experiences

Airbnb uses Jetpack Compose to empower devs to do their best work

Since 2007, Airbnb has grown to connect more than 4 million hosts with more than 1 billion guests across the globe. One of the reasons behind the app's success is that its developers aim to achieve engineering excellence by focusing on two main principles: using technology that sparks innovative development and empowering the engineers behind the work.

Jetpack Compose, Android's modern UI-building toolkit, directly supports both of Airbnb's development principles. Compose provided a solid foundation for adaptable, quality engineering and reduced boilerplate code, so developers could focus on delivering a great user experience - and advance their two-fold pursuit of engineering excellence.

Image with Airbnb tech lead

Airbnb started testing Compose in 2020 when it was in developer preview. As an early adopter, the Airbnb team was eager use the various new features and simplify their workflow. Now, having gained confidence using Compose in production, Airbnb engineers continue to be satisfied with how it improved their development process.

Equipping engineers for success

Compose's deterministic testing helped ensure Airbnb's engineers had tight control over the UI tests they ran and eliminated common flakiness, thereby strengthening their confidence in the quality of every part of their app and the user experiences they were creating. Engineers can now also use Compose to test animations they previously couldn't.

Similarly, Airbnb developers used Compose to add automated screenshot tests to their codebase. Because they didn't need to write the code for screenshot testing, engineers could go straight into using it to catch bugs and regressions. This gave them more time to review and guarantee feature functionality and UI appearance across a variety of devices.

Compose is great to use alongside Views. This interoperability made it easy for Airbnb engineers to onboard and test the new UI toolkit at their own pace, so they were able to experience the benefits of Compose without having to migrate entire features.

These engineering improvements gave them the solid technical foundations they needed to serve users in fresh and improved ways.

Engineering efficiencies improve user experiences

Airbnb keeps hosts and guests at the heart of their decisions. The engineering team was excited to adopt Compose when they learned about how it would enable them to more easily and efficiently produce UI, resulting in better experiences for their end users.

Because Compose made Airbnb's features require significantly less code to write and manage, the Airbnb team boosted their efficiency. All of this meant the team could focus its energy on executing the complex tasks involved in developing the innovative features that could best serve users.

Because their features now require less code, the Airbnb team will be able to slow the growth of their app size in the long run. Providing a smaller app is important to Airbnb as an organization with users across the globe that looks to ensure all hosts and guests can easily download and access their app - especially those with older devices or logging on from countries with high data costs.

Using Compose's engineering enhancements, the Airbnb team was able to put user needs first.

Improve developer productivity with Compose

Compose simplified UI development to allow Airbnb engineers the freedom to focus on more dynamic and innovative features that benefit the app's hosts and guests.

Learn how you can improve your team's productivity with Jetpack Compose.

12 May 2022 8:30pm GMT

Now in Android - a new, open source, real-world sample app

Posted by Paris Hsu, Product & Design, Android and Don Turner, Developer Relations Engineer, Android

Now in Android Splash logo

The Now in Android app is now on GitHub!

For two years, 'Now in Android' has been a popular blog and YouTube series, providing you with the latest and greatest developer news from the Android team. Starting today, you can check out the alpha version of the Now in Android app on GitHub! 🎉

The app has two goals:

Firstly, it showcases best practices, opinionated designs, and solutions to complex real-world problems which other sample apps don't handle. It does so with an open source implementation of a real world app.

Secondly, it helps you (the developer) keep up to date with the areas of Android development which interest you most. It is a working app planned for publication on the Play Store.

image of Now in Android app screen designs on three phones

Now in Android app screen designs

For this first alpha release, the Now in Android app includes:

As well as these features, we are also documenting the learning journeys we took to certain decisions with the app's design and implementation. Check out our first journey on the app's Architecture here.

image showing how the Now in Android app adapts based on device screen size

The Now in Android screens adapt based on device screen size

Since this is an alpha release, we expect that there will be bugs and missing features, and we would greatly appreciate your feedback. We have some exciting features planned, such as user authentication and loading data from a real backend. We can't wait for you to check out the app and let us know what you think!

Finally, if you want to learn about the tools we used to build the app and how we target multiple screen sizes, check out these talks from this year's Google I/O:

12 May 2022 5:00pm GMT

10 Nov 2011

feedAndroid Forums

Latest action game INC from OrangePixel now available!

From the developer of Meganoid and Stardash comes a new action arcade game: INC! http://www.youtube.com/watch?v=9j5OEG-3RyM Get it from the...

10 Nov 2011 9:31am GMT

Free online video chat

More than 1000 broadcast cameras for you online - the most incendiary models in Russia. 1000 girls, 1000, the temptations, 1000, full of desire - all...

10 Nov 2011 7:48am GMT

Layout problem

Hi Friends I decided to work with a tab layout application. Program consist of 3 tabs and a button. I like to place the button below the tab. ...

10 Nov 2011 5:20am GMT

[ANDROID]5 New Live Wallpapers for ANDROID !

*1-) Spectrum ICS * Image: http://i.imgur.com/IjE5B.jpg *2-) Alien Shapes* Image: http://i.imgur.com/7hQHA.jpg

10 Nov 2011 12:50am GMT

09 Nov 2011

feedAndroid Forums

New to Android, thinking of getting Asus Transformer

Hey all, New to this site and Android. I'm a 50 year old fireman who has resisted the newest tech gadgets but am wanting a tablet for use at home....

09 Nov 2011 10:33pm GMT

Island Fortress - "reverse Angry Birds" (FREE GAME)

Island Fortress is a free physics based puzzle/construction game where player has to defend the treasure from the pirate's cannonballs....

09 Nov 2011 8:42pm GMT

Unlock Code Question (MyTouch 3G)

I have a question about using an unlock code with an HTC T-Mobile MyTouch 3G. So I got the phone from a guy on Craigslist, and I have AT&T. In order...

09 Nov 2011 8:28pm GMT

[Game] Mini-Bubbles

Free Mini-Bubbles Android Market Link: https://market.android.com/details?id=br.com.dotfive.minibubbles Pop the most bubbles you can within...

09 Nov 2011 6:39pm GMT

Top 6 Android Tablet For 2011

Well now a days we are seeing new tablets coming every day and we see new upcoming tablets leaks too! It's difficult to choose best one which works...

09 Nov 2011 4:15pm GMT

unlock code

Hello, I need unlock code for telephone my touch 3g tmobile. thanks

09 Nov 2011 2:56pm GMT