Google is tightening up security on Android devices in ways that will force about 750 million phones to either update or risk losing access to major protections.
Devices running Android 12 or older no longer receive regular security patches from Google. This accounts for about 750 million users of the operating system, translating to over 25% of all active Android smartphones globally.
Key new components like the Play Integrity API will demand hardware and software requirements met only by newer phones. Apps that handle sensitive data like banking services or email may stop working properly unless the phone meets these upgraded standards.
The most visible changes include restrictions on sideloading apps from unsecure sources and stricter rules for app permissions. Google is pushing for apps to verify device security before granting access to critical features.
Phones that lack recent operating system updates will increasingly fail those checks. Users holding older phones without supported systems will become vulnerable to malicious apps, spyware, or exploits that thrive on outdated platforms.
Earlier versions of Android were more forgiving about what apps could do. Now Google aims for consistency and accountability across its platform.
The result is many models from years past won’t meet new criteria and will be left behind. If you rely on services that require strong security, it’s likely time to consider upgrading your device.
In Kenya, cybersecurity experts have raised concerns that outdated Android phones are already a major target. With mobile money services like M-PESA central to daily life, attackers often exploit older phones through phishing apps or fake updates to steal personal and financial data.
The Communications Authority has reported millions of cyber threat attempts each quarter, many linked to unpatched devices.
