Sensitive notifications are hidden with Android 16 DP1

In its first developer preview (DP1) for Android 16, Google offers a new feature that automatically hides sensitive notifications on the lock screen to increase user privacy. This innovation aims to prevent notifications containing two-factor authentication (2FA) codes from being seen by unauthorized persons.

Displaying notifications on the lock screen on Android devices allows users to quickly see incoming messages without turning on their devices. However, this brings with it the risk of sensitive information being seen by unwanted parties. In particular, critical information such as 2FA codes can lead to security vulnerabilities when displayed on the lock screen. Google is taking steps to solve this problem with Android 16 DP1.

Android 16 DP1 evaluates the content of certain notifications as sensitive through the Android System Intelligence service and automatically hides them on the lock screen. Initial observations show that this feature is especially effective for notifications containing a one-time password (OTP). However, it is thought that the system can also hide other sensitive content.

This feature works even if the “Settings > Notifications > Sensitive Notifications” option in the settings menu is enabled. Normally, this setting hides the title and summary of all notifications on the lock screen, while only showing which apps are sending notifications. The “Notifications on lock screen” option on the same page allows you to choose between hiding all notifications, hiding only chat notifications, or showing all content.

These two options together give the user extensive control over lock screen notifications. However, many users prefer a configuration with default settings, that is, where all notification contents are visible on the lock screen. Despite this default configuration, Android 16 DP1 automatically hides sensitive notifications, preventing information from being shared unintentionally.

Android 16 inherits the baton from Android 15

This innovation in Android 16 is a continuation of a security feature launched in Android 15. In Android 15, notifications containing two-factor authentication codes could not be viewed by third-party apps even if they had permission to read notifications. The Android System Intelligence service analyzed these notifications, detecting sensitive content and hiding the relevant data before it was transmitted to third-party applications. Android 16 expands on this feature, protecting sensitive content not only from third-party apps but also from being displayed on the lock screen.

This step by Google is seen as part of a comprehensive effort to increase user privacy. This feature, which minimizes the risk of misuse of two-factor authentication codes, takes the security of Android users one step further.