Google will strictly limit the use of accessibility features in Android 13

Based on security considerations, Google will continue to strictly limit the use of Android accessibility features, and the restrictions will be even stricter in the Android 13 version. Accessibility was originally designed for people with disabilities, such as screen reading and voice commands for control and input. But Android accessibility has been heavily abused over the past few years, with many apps not designed for people with disabilities but using accessibility to develop other features.

Even before, there are malware that used auxiliary functions to automatically click on advertisements, steal verification codes, automatically download and promote applications, and so on. Based on these circumstances, Google has considered strictly restricting accessibility functions.

Currently, if a developer uses accessibility features, the application must theoretically be designed for disabled people, and if not, the developer needs to provide detailed instructions. Only when the reason is sufficient can it be listed on the Google Play Store for users to download, and other unnecessary calls will be directly rejected by Google.

In this case, hackers can also induce users to install by directly downloading the installation package, thereby bypassing Google’s censorship mechanism and continuing to invoke auxiliary functions. Google has discovered this vulnerability and is preparing to tighten restrictions in Android 13. If it is installed through the installation package, it will directly prohibit the invocation of auxiliary functions.

The new policy that Google will implement is that if a user installs an app from outside the Play Store that needs to invoke accessibility features, the system will directly refuse to turn on accessibility features. That is to say, if a user wants to install an app that calls accessibility functions, it must be installed from a regular store, such as Google Play, or an alternative store such as F-Droid. This can prevent users from being fooled by hackers to sideload malware and enable accessibility features, which may also affect many normal applications.
However, Google has not announced these policies yet, and it is estimated that it will be revealed when Google introduces Android 13 at the Google I/O 2022 developer conference.

Via: esper