Android 7.0: What is Direct Boot, and how will it improve your experience?

By Jerry Hildenbrand
last updated

We all hate it when our phone reboots. Sometimes we mean for it to happen and sometimes we don't, but a reboot means we aren't logged in, preventing many background tasks from working. It's even worse if you use your phone as an alarm clock or reminder.

Android 7.0 Nougat can help through its Direct Boot feature.

What is Direct Boot?

We've all probably been there. We have a lock screen so nobody else can see what we have stored on our phones (everyone has that one friend) and something happened and our phone rebooted. If you didn't realize it, you may be sitting there happy (or sad) that you aren't getting buzzed every 10 minutes — until you notice and log in, only to see everything you missed. Hopefully, it wasn't something too important.

Not every app needs to use Direct Boot, and developers need to think before they enable it.

Google has things covered in Android Nougat, potentially making that scenario a thing of the past. We assume Android 7.0 will be stable, and any reboots few and far between, but just in case, the new Direct Boot feature will let an app (or part of an app) run as soon as your phone is finished booting and before you sign in.

Keeping you secure, and informed

The way things work as of Android Marshmallow is pretty good from a security perspective. When your phone gets turned on or recovers from a reboot, the operating system loads and then everything halts while it waits for user input. That means you need to enter your password or PIN or you need to swipe your pattern. Even if you don't lock your phone you need to swipe the lock screen away. (But please, lock your phone.) If you have an encrypted phone, the data you have stored stays encrypted and unavailable by any means until you get logged in. That's a good way to help you keep unwanted eyes off of your stuff.

With Android 7.0, there's a new step in the boot process. Once your phone is fully powered up and Android is running, there's a method for developers to allow communication before you log in. Everything else stays locked up, and you can't interact with any other app. Google has even inserted a new storage area called Device Storage for apps that need to run immediately because they will have no access to the normal credential-protected file system.

A new storage area is in place for apps that need Direct Boot because everything else is still protected.

Here's an example of how this would work with a simple messenger client. The developers of the messenger can allow the app to collect messages and fire off a notification before you unlock your phone for the first time, but you wouldn't be able to access your photos to send a reply because they are protected by your login password.

To get to them you would need to log on. For encrypted devices, Direct Boot mode allows for data in the new Device Storage area to run while the rest of the data on the phone stays encrypted. It's a nice compromise between security and convenience. Google is getting pretty damn good at those, and it's working — more people are locking their phones and protecting their privacy and data. To Google, that's a good thing. And we agree.

Not for every app

Not every app will (or should) start running immediately. The Googlers we talked to at Google I/O this year all agreed that most apps shouldn't run right away using direct boot. The new mode is reserved for things that you need right away and you don't want to miss after a reboot. Examples are your alarm clock, your texting app, or an app that helps in the accessibility department — these are the types that need to run right away. Developers can add the functionality to any app when it's installed on a phone running Android 7.0 (API 24) or higher.

Google tells us they won't stand for apps that try to abuse Direct Boot.

The folks we talked to also were aware that this could be abused. Nobody wants some spammy ad network dropping links in their notification bar or the lock screen every time the phone starts. And some apps shouldn't be storing things until you log in and decrypt them. For apps that are in Google Play, they will take claims about apps abusing the Direct Boot feature very seriously, and won't hesitate to remove them from the Play Store.

Direct Boot is another of those features you can't see but needed a lot of creative thinking and engineering to implement. These small features and improvements should add some much-needed polish to Android, and make our phones work better for us.

If you're a developer and interested in Direct Boot, be sure to check out the documentation at the Android Developer site as well as watching the video below.

Jerry Hildenbrand
Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

34 Comments
  • Waiting for comment "Samsung has had this for years". Posted from Nexus 6
  • Lol, in this case I doubt it. All that stuff Samsung has had for years that people call bloat is making it's way into Android though which is really nice. People stop calling it bloat once Google adopts it but whatever.
  • I know, the most important things about updates are under the hood. Posted from Nexus 6
  • Lol yup Posted via the Android Central App
  • Well technically speaking, by nature--features that are not part of the base platform ARE bloat. When Google adopts those features and incorporates them into the base platform, they are no longer bloat.
  • The base platform is AOSP. What Nexus have is Google's interpretation of it. So, no..some of it it's still "bloatware", as in "not part of the base."
  • The software on a nexus phone isn't straight-up AOSP Posted via the Android Central App
  • I would argue that for the typical consumer they differentiate between gimmicky features that provide no value & then bloatware apps. OEM "Bloat" isn't useful features added to the OS. Rather it's gimicky features that provide no value or security, and can't be disabled. And also OEM bloat is also typically the double mimic apps, where Samsung (and others) adds a "me-too" app to siphon sales into their hardware vendor ecosystem, while also having the original cross-hardware Google Apps installed. Two messaging clients, two app stores, two music players, etc. Adding a useful basic feature for security or productive value, isn't typically considered bloat by the average person. Posted via the Android Central App
  • Given how often I see things like this http://www.androidpolice.com/2016/08/11/rootjunky-discovers-frp-bypass-m... isn't Direct Boot just an invitation for more of the same? Seems like once you open Pandora's Box there's no putting the genie back in the bottle (to mix metaphors).
  • Or a way to fix all that by creating a new boot mode that has zero access to anything not allowed to run on it. This is being presented as a convenience feature (and it is) but it's also very much a security feature. With Direct boot enabled, the rest of the system simply doesn't exist until the correct login is given. It doesn't need to exist because essential functions can be run without it in the new mode.
  • Sounds like a super way to save battery if you wanted. Reboot your phone and only give it access to alarms, messages and the dialer/phone or whatever is responsible for the actual calls :)
  • dude. That's a great idea.
  • +100 vzw Moto XPE/N7
  • +1000 Google need to read this lol Posted via the Android Central App
  • Man if only I hadn't read this late. I had the same exact idea lol.
  • Thanks Jerry for another informative article. These types of articles keep me coming back to AC, AND listening to the podcast!
  • I'll 2nd that.
  • Thanks guys :) Comments like this make me want to keep writing them!
  • Thanks for being nice in the comments. It's always a pleasure to hear positive feedback for the hard work!
  • My clock is always wrong when my Nexus 5 reboots to the lock screen. Hope it's fixed in the next release.
  • I'm curious, doesn't Android phones already kinda have something like this? How else would alarm clocks and the phone work of5 they already didn't have this? Posted via the Android Central App
  • They wouldn't and don't
  • Of course they do. I reboot my phone frequently and it's always locked after a boot and my alarm still works,my emails come in and I get notified, same with WhatsApp or any other message system I have. These apps auto start after a boot and I don't understand that article of Jerry at all. Maybe I misunderstand things but I can reboot all day long and everything I do want to work works.
  • Which phone and OS version are you using? This is a feature for users that have set their device to be encrypted on boot up, and require a pin to complete the start up process. It would allow alarms and messages to come through, even if the user hadn't entered their PIN to decrypt the storage.
  • Oh, so in other words encryption - which is only used on the latest Nexus (and flagship - do they all have manditory encryption these days?) phones, actually *breaks* behavior that used to work on all Android phones? I'm running Marshmallow on my Nexus 4. The filesystem isn't encrypted, and reboots don't seem to break anything. Didn't know that an upgrade would change that. When I read the headline, I thought this was going to be my pet feature suggestion - a way to flag apps as 'launch without unlocking'. That would let you launch an app into 'pinned' mode directly from the lock screen, and let you for example, play a move in Words With Friends without having to unlock your phone, leaving it locked when you're done. That should be easy to implement, and has to be potentially useful for somebody besides me...
  • It's not necessarily "breaking" features, it's not letting someone access any part of the system unless the correct decryption password is entered. It's making the phone more secure. On your second paragraph, that sounds kinda niche. Who is going to do that type of action, but not unlock their phone and go to the app?
  • I guess 'breaking features' was overstating it. But my point was that it's not obvious that a good new feature like device encryption would have such a nontrivial downside. Google does this kind of thing too often without thinking out the consequences. I guess we'll have to see whether this new workaround introduces other issues. And yeah, maybe 'open app without unlocking' is kind of niche - but then perhaps you've never played a WWF marathon. Unlocking every 5 minutes just to make your next move is a pain. A fingerprint scanner probably helps - but then the whole idea of lock screen notifications becomes superfluous. Another half baked google idea that's only useful if you don't care atvall about privacy - I.e. allow email contents on your lockscreen. Posted via the Android Central App
  • I don't think I've had a phone just reboot on me since froyo or ICS. Posted via the Android Central App
  • Lucky you. Posted via the Pokemon Central App
  • I've had it happen here and there but nothing too major. I have more lock ups than anything and it's usually on bad mobile websites with a bunch of ads.
  • Do NOT allow this permission on your device! ! I can hack you easily with this exploit. Fsociety Posted via the Android Central App
  • Wat
  • Hmmm it isn't even out and they are hacking it already....?
  • How does this work for multi-user devices. Would notifications for all users start appearing? Posted via the Android Central App