Google mandates OEMS to push out Android security updates for at least two years | Tech Industry
Google works on pushing out Android security patches every month which OEMs struggle to push out to their devices. While phone manufacturers have their excuses to compromise on customer security, Google appears to be implementing a change which will change all that.
According to a contract obtained and reported by The Verge, Google’s latest contract will require OEMs to supply Android security updates for two years and provide at least four updates within the first year of a device’s release. Phone vendors will also have to release patches within 90 days of Google identifying a vulnerability.
Updates are mandated in the second year as well, but their no minimum number laid down by Google.
The new contract was obtained after Google announced, last week that it would completely revamp how it monetises Android in the European Economic Area (EEA) because of new regulations associated with a $5 billion fine the company received for violating European antitrust laws.
The key takeaway from the announcement at the time was the fact that Google would be charging up to $40 for Google apps for every unit sold, but this contract does show that there was more to it.
The contract does apply to EEA member nations only but it is quite likely that Google’s global rules will also be reworked to enforce it.
While it definitely is a step in the right direction from a consumer standpoint, we don’t know what penalties will be levied against vendors who fail to meet the contract requirements.