Quietly and without any fanfare, Google disabled the ability for Android Pay to make payments on phones with unlocked bootloaders; landing in line with its previously held policy of not allowing rooted phones to access the payment system. It's frustrating to some, but it's the right move and it's in line with Google's vision for the security of its platform and services.
Android, as built by Google and not modified or having native security features disabled, is really secure. Security chief Adrian Ludwig speculates that one day we'll see U.S. presidents use Android (thanks, Obama) because it's safe and you have complete control over where and how your data is shared. But all that goes away once you start changing settings, enable USB communication or unlock your bootloader.
An unlocked bootloader is not secure, and when money is involved security is paramount.
It can be frustrating for a power user or enthusiast, but it's time we realize that Android is not built just for us. It's built for everyone — including people who may have unlocked their bootloader without understanding the implications of it all. These are the people who need to be protected from something on their phone that might be able to get access to their bank account or credit card information.
This doesn't just protect the person with the unlocked bootloader, either. When a bank or card issuer has to eat the cost of a fraudulent charge, it doesn't happily consider it a fact of doing business — it wants to limit these instances as much as possible. Interest rates and service fees are how the banks and card issuers make money from us, and raising one or the other (or both) is what happens when the expenditures column get's bigger due to fraudulent charges from insecure systems. In some cases, the banks and card issuers just skip payment methods like Android Pay altogether before they get to that point. By keeping Android Pay from running on potentially compromised phones, it helps Google get more companies on board. For example, Chase took forever to join Android Pay — and there are plenty of other banks yet to join. Not doing everything possible to make the service secure would be a great way to scare them off and keep it from happening.
Thankfully, you don't have to unlock your bootloader to manually update your phone since you can sideload update packages if you're impatient. Maybe one day developers will make use of Android's native app data backup service so we won't have to use Titanium or something similar to keep our app data in place. In the meantime, if we unlock the bootloader we lose Android Pay. It's that simple.
Google's not trying to stop anyone from unlocking their phone's bootloader, nor is it trying to turn Android into something that's not "hacker friendly" (the good kind of hacker). We can still unlock the bootloader to root or to run a different version of Android or just because we want to, but we can't use Android Pay — a service owned by Google and never intended to be open — if we do it.
It's time to stop using SMS for two-factor authentication
Not all 2FA is equal. Using SMS to get a code might not be "better than nothing" after all.
Fresh Surface Duo renders are here, reportedly coming to AT&T
Microsoft hasn't exactly been camera shy with the Surface Duo, but a new set of renders have leaked that offer an even closer look at the device. Alongside the leaked images, the leaker says Duo will be headed to AT&T in the U.S.
24 hours with the Galaxy Note 20 Ultra: Big, beautiful, and backwards
It's still too early to give any conclusive thoughts on the Galaxy Note 20 Ultra, but Samsung's latest flagship is already proving to be a tremendous phone in more ways than one.
Grab a case that comes from the same place as your Note 20
Now that the Galaxy Note 20 and Note 20 Ultra have arrived, the first thing you'll want to do is pick up a proper case. But instead of waiting around for third-party retailers to make their cases available, why not grab one from Samsung alongside your Note 20, giving you the whole package right at your doorstep?