Now that Google has begun releasing the Android 15 Developer Preview, we’ll start seeing a lot of new features being uncovered in the latest update. One of these features, which has just been discovered, actually comes from the Android 14 QPR3 Beta 1. From what we know, it seems that a future version of Android might have some safeguards in place to stop scammers from getting hold of sensitive information.
Mishaal Rahman found a new feature while going through the Android 14 QPR3 Beta 1. He mentions a new permission called RECEIVE_SENSITIVE_NOTIFICATIONS, which has a protectionLevel of role|signature. This means it can only be given to apps with a specific role or to apps that the OEM signs. It’s important to note that the exact role that grants this permission hasn’t been defined yet. Rahman also suggests that Google might not allow third-party apps to use this permission.
Rahman also thinks this permission might be linked to a feature that will hide sensitive info from untrusted apps that use a NotificationListenerService. He also says that this API is what lets apps read or act on all notifications. Users will have to manually give app permissions in Settings before they can use the NotificationListenerService API.
Rahman points out that the API is super powerful, which is why it makes sense for Google to want to control it. Right now, we don’t know the full extent of this permission or how Google will use it in Android 15.
However, we really, really hope that with the new update, this actually becomes a standard practice for people who are worried about getting scammed, especially when they receive OTP messages. Let’s be honest: scammers and hackers are everywhere and are often just waiting for us to make one wrong move. After that, things can get messy really fast.