How Google Should Fix Android Updates
There are plenty of myths and misconceptions about Android, and not everything you hear about the world’s most popular mobile operating system is true. (So no, Android isn’t too complicated to learn if you’ve been using an iPhone, and it isn’t inevitable that your Android device will be infected by malware or will be crippled by performance issues.) But what is true about Android is that updates to the operating system come very, very slowly. And Android’s update problem really needs a solution.
According to a recent report by Jack Clark and Scott Moritz for Bloomberg, Google’s latest attempt to get phone makers and carriers to update their devices to the latest version of Android demonstrates that Google is “using both carrots and sticks to get partners to keep the world’s most popular mobile operating system more up to date.” Clark and Moritz report that while Google has accelerated its own security updates, rolled out technology workarounds, and reduced phone testing requirements, the company is also reportedly “drawing up rankings that could shame some phone makers into better behavior.”
While Google is making progress persuading phone makers and carriers to roll out security updates more quickly — polishing a process that could be used to send operating system updates, too — the most challenging discussions are reportedly with carriers. Carriers are often slow to approve updates because they need to be tested thoroughly to avoid network disruption. Verizon’s tests, for instance, can take months, and while the company has reduced the process by a few weeks in response to pressure from Google and consumers, shortening it further is difficult because the carrier supports so many different Android phones.
In the wake of Stagefright, which left almost a billion devices vulnerable to attacks by hackers, smartphone makers are struggling to follow Google’s lead toward monthly security updates. Google is trying to convince carriers to exclude its security patches from their full series of tests, which Bloomberg learned can cost several hundred thousand dollars for each phone model. But some carriers don’t prioritize security, and all are more focused on selling new devices than updating existing ones.
So Google’s latest tactic is to draw up lists that rank top Android phone manufacturers by how up-to-date their phones are in terms of security patches and operating system versions. Google reportedly shared such a list with Android partners earlier this year, and discussed making it public to “highlight proactive manufacturers and shame tardy vendors through omission from the list,” according to Bloomberg.
Ron Amadeo reports for Ars Technica that this isn’t the first time that Google has tried to entice smartphone manufacturers to update their devices. But it wan’t until the Stagefright vulnerability that Google started producing monthly security updates. Nexus devices and a handful of flagship phones from other manufacturers have begun getting these updates, but most Android users never get them.
Amadeo thinks that to get Android partners to update their devices, Google needs to do more than just shame them with a public list, since short of an unlikely marketing push by Google, such a list wouldn’t compete with the millions of dollars that companies spend on advertising. Amadeo thinks that to get Android partners to update, Google needs to start speaking the language of OEMs: money. When a company already has your money, it’s likely to regard updating your device as a needless expense (especially since updating a device could enable you to hold onto that device, hurting future sales).
Amadeo argues that Google needs to make it worth Android partners’ time to update their devices by reducing or eliminating their ad share revenue if they don’t push out timely updates. If a device manufacturer stays ahead of the curve on keeping its devices up to date, Google could increase its ad share revenue. Amadeo explains, “Threatening to shift the stock price of an OEM by affecting its bottom line is the nuclear option—and, folks, we’re at the point where the nuclear option is all that’s left.” He explains:
Unlike Google’s update rankings, a backroom deal also has the benefit of affecting every customer equally regardless of how much research they do before the purchase. Android partners would be incentivized to update quickly, since every day they don’t update is another day of lost ad revenue. It would push them to update the most popular devices first, since those would have the highest share of ad clicks. We also can’t imagine that it would cost Google a ton more money since, remember, it is already doing this. We’re just suggesting it attach a tiered system to the ad share model.
It’s because of Android fragmentation that millions of Android users don’t have access either to the latest features of the operating system or the critical security patches that would fix software vulnerabilities like Stagefright. Currently, just 7.5% of Android devices run Marshmallow, the latest Android version. Consumers as well as regulators, both in the United States and in Europe, are dissatisfied with the state of Android’s update system, and device manufacturers like Samsung have come under fire for neglecting to update many devices.
Google is releasing some new features as standalone apps, rather than as part of a new version of the Android operating system, which means that it can refresh them without carrier tests. It’s also making some features compatible with earlier versions of Android, and Amadeo notes that with Google Play Services, the company re-architected Android to make the underlying operating system version “more or less not matter for many feature implementations,” as demonstrated at I/O 2016 with the launch of Android Instant Apps and the feature’s compatibility all the way back to Android 4.2.