Edgar Cervantes/Android Authority
Long story short
- Android 15 could introduce a new way for the system to protect users from misbehaving apps: by quarantining them.
- Android is already a very secure operating system, but misbehaving apps can sometimes slip through the cracks.
- Currently, misbehaving apps are often uninstalled by Google Play Protect.
The Android operating system provides strong protection against malicious and misbehaving applications. Even so, bad apps sometimes slip through the cracks, in which case Google Play Protect may step in and delete them automatically. As with any advanced anti-malware software, Play Protect’s detection won’t be 100% accurate, which is why it usually errs on the side of caution and asks users if they want to remove potentially unwanted apps. With the upcoming Android 15 update, the system may add a new way for services like Play Protect to protect users from misbehaving apps: by quarantining them.
If you’ve ever used antivirus software on a desktop operating system such as Windows, you’re probably familiar with the concept of quarantining software. When antivirus software quarantines a file, it does so because it suspects the file is malicious but either cannot delete it or is not sure enough that the file is actually malicious and leaves the decision up to the user. Quarantined files are isolated from the rest of the system so they cannot be executed, ensuring that any malware that might be inside them cannot do any dirty work.
The traditional concept of quarantined software doesn’t exist in Android, mostly because the operating system was designed from the ground up to be virus-proof. Applications cannot gain system-level access, are sandboxed by default, and can only communicate with each other using well-defined APIs, which can only be accessed with well-defined permissions. That’s why you don’t actually need to download a third-party antivirus or anti-malware app for Android. Since Android works differently than Windows, it’s no surprise that quarantining software on Android works slightly differently than on Windows.
Android 15 app quarantine: How it works
When an application is quarantined in Android, it behaves differently from non-quarantined applications. It is still visible in the user’s home screen launcher and in Android settings, but with some limitations:
- Notifications from it will not be displayed
- All its windows will be hidden and activities that have been started will be stopped
- It will not make the device ring
- Other applications cannot query its services (although its activities can still be queried)
- It cannot bind to, or receive broadcasts from, the system or other applications
- It cannot be resolved (i.e. it does not show up in the intent disambiguation dialog)
Therefore, quarantined apps behave similarly to disabled apps, except that disabled apps do not appear in the home screen launcher. Quarantining an app is also similar to suspending an app, which is what Digital Wellbeing does to pause a distracting app, except that individual components of a quarantined app may appear disabled, as mentioned previously. So, it’s safe to say that the new quarantine state sits somewhere between the existing suspended and disabled states.
Mishaal Rahman / Android Authority
Digital Wellbeing’s App Timer and Focus Mode features put apps into a paused state.
In fact, the API used to quarantine an application is the same as the API used to suspend one, but with an additional flag passed. During testing and development of this feature, system applications holding the SUSPEND_APPS permission were allowed to quarantine applications, but the related methods have since been updated to require the new QUARANTINE_APPS permission. This permission can only be held by system “verifier” applications or applications signed with the same certificate used to sign the operating system. Therefore, only services like Play Protect (part of the Google Play Store) can quarantine apps.
Unfortunately, I don’t know when Google will actually roll out this new feature. I first found evidence of app isolation in Android 14 QPR2 Beta 1 in November, but the developer page for “isolated apps” has since been removed. The feature flag to enable OS-level support for application isolation is still present, but applications cannot be manually isolated, even from the command line. Additionally, neither the Google Play Store nor the Google Play Services app currently requests the QUARANTINE_APPS permission. So it’s entirely possible that the feature won’t launch in Android 15, but it might end up in a future version.
Mishaal Rahman / Android Authority
Quarantine apps page in Android 14 QPR2 Beta 1 developer options.
When application isolation is enabled, the UI shown above may undergo some adjustments. Applications that call the API to suspend or quarantine an application can customize the dialog box that is displayed to the user when the user attempts to launch the suspended or quarantined application. Whichever system app ultimately implements Android’s app isolation feature will likely customize the dialog box, such as “[X] The application has been quarantined for your security” and then explain why it was quarantined.
Even though Android hasn’t had a need for App Isolation for a long time, I’m still happy to see it added, because there’s no way a service like Play Protect can be 100% accurate, even if the system does a pretty good job of catching malware. Good and misbehaving apps.