- Google is testing a feature for Advanced Protection Mode that restricts apps that use the AccessibilityService API unless they are classified as accessibility tools.
- When enabled, the system will prevent users from granting these permissions and will automatically revoke them from already installed apps.
- This change, spotted in Android Canary, aims to protect high-risk individuals from apps that might misuse screen-reading, gesture, or other capabilities granted through the AccessibilityService API.
With Android 16, Google introduced Advanced Protection Mode, a one-click security mode that enables all of Android’s highest security features to safeguard high-risk individuals against online attacks, harmful apps, and data risks. When toggled on, various security features across the OS, such as Intrusion Logging, USB Protection, and Android Safe Browsing, are enabled with a single click. We’ve now spotted Google working to add restrictions related to Accessibility services to Advanced Protection Mode.
You’re reading an Authority Insights story. Subscribe to our new Authority Insights newsletter for more exclusive reports, app teardowns, leaks, and in-depth tech coverage you won’t find anywhere else.
Accessibility Service API and its potential for misuse
Over the past decade, many Android apps have used (and misused) the AccessibilityService API to work around various system limitations and issues, beyond just assisting users with disabilities. Over the years, Google has hardened its policies to prevent apps from abusing the API to provide workarounds, citing security risks as abusive apps with accessibility permissions could read screen content and perform gestures on behalf of the user. One such move is identifying apps that serve as Accessibility Tools and others that do not.
​Â
