Google’s Android Advanced Protection Mode: A Fortress Against Sideloading, Accessibility Exploits, and 2G Eavesdropping

Google is transforming Android's Advanced Protection Mode into a comprehensive device-hardening system that blocks sideloading, restricts accessibility services, disables 2G networks, and enables hardware memory tagging to defend high-risk users against sophisticated surveillance and cyberattacks.
Written by Juan Vasquez

Google is quietly building one of the most aggressive security frameworks ever embedded into a mobile operating system. Code discovered inside the latest versions of Android and Google Play Services reveals that the company’s Advanced Protection Mode — once a niche feature aimed at journalists, activists, and political figures — is evolving into a comprehensive lockdown system that could fundamentally reshape how high-risk users interact with their devices.

The changes, unearthed through APK teardowns and code analysis, suggest Google is preparing to restrict sideloading, limit accessibility service access, disable 2G network connectivity, and enforce a suite of hardened defaults that go far beyond what any mainstream mobile platform currently offers. For enterprise security teams, government IT administrators, and privacy-conscious consumers, the implications are significant.

From Gmail Safeguard to Full-Device Armor

Google’s Advanced Protection Program (APP) has existed since 2017, originally designed to add extra layers of security to Google accounts. It required physical security keys for authentication and imposed stricter controls on third-party app access to Gmail and Drive data. But with Android 16, Google appears ready to extend this philosophy to the device level itself, creating what amounts to a hardened operating mode for the entire smartphone.

As reported by Android Authority, an APK teardown of Google Play Services version 25.20.31 has revealed new strings and code references that paint a detailed picture of what Advanced Protection Mode will look like when it arrives in its fullest form. The teardown was conducted by the publication’s Assemble Debug team, which specializes in decompiling Google’s software to find unreleased features. The findings indicate that Google is preparing to impose restrictions across several critical attack surfaces simultaneously.

Sideloading Gets the Lockdown Treatment

Perhaps the most consequential change involves sideloading — the practice of installing Android applications from sources outside the Google Play Store. According to the code strings discovered by Android Authority, Advanced Protection Mode will block sideloading entirely when activated. A string reading “Can’t install unknown apps” alongside messaging that attributes the restriction to “Advanced Protection settings” makes the intent clear.

This is a dramatic escalation. Android has long differentiated itself from iOS by allowing users to install apps from any source, a flexibility cherished by power users and developers alike. But that same openness has been repeatedly exploited by malware authors, state-sponsored hackers, and commercial spyware vendors who distribute their payloads through sideloaded APK files. By eliminating this vector for users enrolled in Advanced Protection, Google is effectively conceding that the risk-reward calculus for high-threat individuals tilts decisively toward restriction.

Accessibility Services: A Double-Edged Sword Gets Sheathed

The teardown also reveals that Google plans to impose strict limitations on Android’s Accessibility Services framework when Advanced Protection Mode is enabled. Accessibility services are among the most powerful APIs available on Android, originally designed to help users with disabilities interact with their devices. These services can read screen content, perform taps and gestures, overlay content on other apps, and intercept notifications — capabilities that are indispensable for screen readers and assistive tools but equally valuable to malicious actors.

Banking trojans, credential-harvesting malware, and stalkerware have long abused accessibility permissions to monitor user activity, steal passwords, and intercept two-factor authentication codes. Google has been playing whack-a-mole with these abuses for years, tightening Play Store policies and adding runtime warnings. But the new Advanced Protection approach appears to reach for a blunter instrument: the code suggests that only pre-approved or system-level accessibility services will be permitted to operate. One discovered string references restricting apps from “having accessibility access” under Advanced Protection, with users directed to the feature’s settings for more information. This could prove controversial among users who rely on legitimate third-party accessibility tools, but for those in genuine danger of targeted surveillance, the tradeoff may be worthwhile.
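An added example, not code from the article or from Google: a defender-side audit in the spirit of the policy described above. It parses the output of `adb shell settings get secure enabled_accessibility_services` and `adb shell pm list packages -s` and reports enabled accessibility services that are neither system packages nor on an allowlist. The allowlist, the sample outputs, and the `com.example.*` packages are constructed assumptions; the article does not say which services Google will approve.

```python
# Hypothetical allowlist: the article does not name the approved services.
APPROVED_PACKAGES = {"com.google.android.marvin.talkback"}

# Constructed sample of `settings get secure enabled_accessibility_services`:
# colon-separated ComponentNames, each "package/class" (class may be ".Short").
SAMPLE_SERVICES = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService"
    ":com.example.oem.a11y/.SwitchService"
    ":com.example.cleaner/.HelperService"
)
# Constructed sample of `pm list packages -s` (system packages only).
SAMPLE_SYSTEM = "package:com.android.systemui\npackage:com.example.oem.a11y\n"


def parse_enabled_services(raw):
    """Return [(package, full_class_name)] from the secure-settings value."""
    raw = raw.strip()
    if raw in ("", "null"):  # `settings get` prints "null" when unset
        return []
    services = []
    for entry in filter(None, (e.strip() for e in raw.split(":"))):
        package, sep, cls = entry.partition("/")
        if not (sep and package and cls):
            raise ValueError(f"not a ComponentName: {entry!r}")
        if cls.startswith("."):  # expand the short form ".Class"
            cls = package + cls
        services.append((package, cls))
    return services


def parse_system_packages(raw):
    """Return the set of package names from `pm list packages -s` output."""
    prefix = "package:"
    return {
        line.strip()[len(prefix):]
        for line in raw.splitlines()
        if line.strip().startswith(prefix)
    }


def audit(raw_services, raw_system, approved=APPROVED_PACKAGES):
    """List enabled services that are neither approved nor system packages."""
    system = parse_system_packages(raw_system)
    return [
        (pkg, cls)
        for pkg, cls in parse_enabled_services(raw_services)
        if pkg not in approved and pkg not in system
    ]


if __name__ == "__main__":
    for pkg, cls in audit(SAMPLE_SERVICES, SAMPLE_SYSTEM):
        print(f"REVIEW: third-party accessibility service {pkg}/{cls}")
```
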

Cutting the 2G Cord to Thwart Surveillance

Another striking element of the forthcoming Advanced Protection Mode involves cellular network security. The teardown found references to disabling 2G connectivity, a move aimed squarely at combating IMSI catchers — also known as Stingrays or cell-site simulators. These devices, widely used by law enforcement and intelligence agencies around the world, work by impersonating legitimate cell towers and forcing nearby phones to downgrade their connections to the older, less secure 2G protocol, which lacks mutual authentication and uses weak encryption that can be broken in real time.

Google actually introduced the ability to disable 2G at the modem level in Android 12, but it was buried in settings and left as a manual toggle. Under Advanced Protection Mode, this appears to become an enforced default. The code references suggest that 2G will be automatically disabled, with explanatory text informing users that the restriction is part of their Advanced Protection configuration. This aligns with recommendations from organizations like the Electronic Frontier Foundation, which has long advocated for the deprecation of 2G networks as a security measure. For users operating in environments where state-level surveillance is a genuine threat — think foreign correspondents, human rights workers in authoritarian regimes, or corporate executives traveling internationally — this automatic protection against baseband-level attacks represents a meaningful security upgrade.

Memory Tagging and Deeper System Hardening

Beyond the headline features, the teardown hints at additional under-the-hood protections. References to Memory Tagging Extension (MTE), an ARM hardware feature designed to detect memory safety bugs at runtime, suggest that Advanced Protection Mode may enable this capability by default on supported hardware. Memory corruption vulnerabilities remain the bread and butter of sophisticated exploit chains, and MTE represents one of the most promising hardware-level mitigations available. Enabling it by default for high-risk users would place Android ahead of most competing platforms in terms of proactive memory safety enforcement.

Google has been investing heavily in memory safety across its software stack, migrating portions of Android to Rust and championing safer coding practices. But MTE offers a complementary hardware-based approach that can catch vulnerabilities even in legacy C and C++ code. The decision to tie this to Advanced Protection Mode suggests Google views it as a feature with potential performance or compatibility costs that general users might not want to accept, but that high-risk users should embrace.

The Enterprise and Government Angle

For enterprise mobility management (EMM) providers and government IT departments, the expansion of Advanced Protection Mode carries significant implications. Organizations that manage fleets of Android devices for sensitive operations — defense contractors, diplomatic missions, healthcare providers handling protected data — could potentially leverage this mode as a baseline security configuration, reducing the need for third-party mobile threat defense solutions or custom device provisioning.

The timing is also notable. Governments worldwide are grappling with the proliferation of commercial spyware like NSO Group’s Pegasus and Intellexa’s Predator, tools that have been documented targeting journalists, opposition politicians, and civil society figures across dozens of countries. The U.S. government has placed several spyware vendors on its Entity List, and the Biden administration issued an executive order in 2023 restricting federal use of commercial spyware. Google’s move to bake aggressive anti-surveillance features directly into Android could be seen as both a technical response and a strategic positioning play, signaling to government buyers that Android can meet the security requirements of even the most sensitive deployments.

What Remains Unknown — and What to Watch

Several important questions remain unanswered. It is not yet clear whether Advanced Protection Mode will be available on all Android 16 devices or limited to Pixel phones and select partners. Google has historically used Pixel as a proving ground for security features before extending them to the broader ecosystem, and the deep integration required for features like MTE and modem-level 2G disabling may limit initial availability.

There is also the question of user experience. A mode that blocks sideloading, restricts accessibility services, and disables 2G connectivity will inevitably generate friction. Google will need to communicate clearly about what users are giving up and why, particularly for accessibility restrictions that could inadvertently harm the very populations those services were designed to help. The code strings suggest Google is building explanatory UI elements, but the effectiveness of that communication will only become apparent when the feature ships.

What is clear is that Google is no longer content to treat Advanced Protection as a simple account-security overlay. The company is building a comprehensive device hardening mode that addresses threats ranging from social engineering and malware to baseband exploitation and memory corruption attacks. For the security community, it represents one of the most ambitious attempts yet to create a consumer-accessible high-security mobile configuration — one that could set a new standard for what it means to protect a smartphone against determined adversaries.
