Android has required that smartphones support storage encryption since Android 6 in 2015, but low-end devices have remained exempt because the demand would significantly impact performance.

The default implementation for KeyStore, the system in Android designed to store users credentials and cryptographic keys, is broken, researchers say.

Updating older Amazon devices to the new Fire OS 5 software that began rolling out this month will remove and disable device encryption.

For the enterprise, having more than a third of its Android devices wide open to broken encryption— and even more potentially exploitable with rollbacks— makes Google's platform unacceptable ...