Google is baking its most aggressive security settings yet into Android 16, rolling out an ‘Advanced Protection’ mode aimed at blocking mobile malware exploits from commercial spyware vendors and scammers.
The setting, which resembles Apple’s iOS Lockdown Mode, bundles multiple safeguards under a single toggle and is aimed at journalists, officials and other high-risk users who have become prime targets for mobile malware implants.
Once enabled, Google said the new Advanced Protection will enforce mandatory Verified Boot, exploit-mitigating Memory Tagging, automatic blocking of risky USB connections and 2G-only networks, and a blanket ban on sideloading or disabling Play Protect while the phone is in use.
A major feature is Intrusion Logging, an encrypted, tamper-proof log vault that Google is positioning to incident-response teams as a tool to reconstruct what happened if spyware does slip through, solving a forensic blind spot that has long frustrated investigators.
“Once a user turns on Advanced Protection, the system prevents accidental or malicious disablement of the individual security features under the Advanced Protection umbrella. This reflects a “defense-in-depth” strategy, where multiple security layers work together,” Google explained.
The tech giant said Advanced Protection will also incorporate third-party applications that choose to integrate in the future.
The Advanced Protection suite also includes theft-detection auto-locking, an offline device lock, safe browsing features from Chrome, Javascript protections, AI-powered automatic call screening, and scam detection for Phone by Google.
Advanced Protection ships with Android 16 this fall and Google plans to add Intrusion Logging, USB protection, the option to disable auto-reconnect to insecure networks, and integration with Scam Detection for Phone by Google later this year.
The new Android security tooling comes as Google’s own threat-intel team counted 75 in-the-wild zero-days last year, many weaponized by surveillance vendors and later repurposed by state hackers.
Apple’s Lockdown Mode was the first mainstream answer to that threat, shutting off attack-prone services on iPhones and iPads; Android’s move brings parity for hundreds of millions of users outside Apple’s ecosystem.
Related: Can ‘Lockdown Mode’ Solve Apple’s Mercenary Spyware Problem?
Related: Apple Adds ‘Lockdown Mode’ to Thwart .Gov Mercenary Spyware
Related: Apple Adds ‘BlastDoor’ to Secure iPhones From Zero-Click Attacks
Related: Google: NSO Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’
Related: Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation
