Blog Post

Community blog
2 MIN READ

Enhanced Factory Reset Protection in Android 15

Bigdogburr's avatar
Bigdogburr
Google Team
3 months ago

Factory Reset Protection: A Shield for Everyone

 

Smartphones and tablets have become integral to our work and personal lives, however, they can also be easily lost, and on occasion, stolen by opportunistic thieves. Many times these bad actors will simply wipe the device to remove any personal and business data, with the intent of selling or using the device themselves.  That's where Factory Reset Protection (FRP) steps in as a crucial line of defense.

 

FRP is an Android security feature designed to prevent the reuse of a lost or stolen Android device. It requires your Google account or lockscreen credentials after a factory reset, ensuring that only the rightful owner can access and use the device once it has been wiped.

 

Enhanced Factory Reset Protection

 

Building on its initial purpose, FRP has evolved significantly with the release of Android 15. In the past, tech-savvy thieves and users found ways to bypass FRP, but Android 15 closes those loopholes with powerful new protections. These enhancements were added to combat unauthorized access and make stolen devices much less appealing to thieves, whether they're targeting personal or company-owned devices. Prior to Android 15, the Setup Wizard was responsible for determining whether FRP should be activated, and for enforcing it, including determining whether you have authenticated with the correct credentials to get out of FRP mode and proceed with setup normally. But the Setup Wizard was designed to be a user-friendly tool to walk through setting up a device, not a security enforcement barrier. In Android 15, FRP enforcement has been moved deep into the system, where it’s much harder to overcome.

Benefits You Can Count On

These enhancements translate into real-world benefits for everyone:

 

Individuals:

  • Deters Theft: FRP makes stolen devices far less valuable, as thieves can't bypass the Google account login or lock screen credential check. This significantly reduces the incentive for theft.

  • Peace of Mind: Knowing that your Android device has this robust security feature gives you peace of mind. You can rest assured that if your device falls into the wrong hands, it cannot be used for anything.

Enterprise and Managed Devices:

  • Enhanced Device Security: Factory Reset Protection makes it much harder to reuse or sell stolen devices, which discourages thieves from stealing them in the first place.

  • Simplified Device Management: FRP integrates seamlessly with enterprise mobility management (EMM) solutions, allowing IT administrators to enforce FRP policies and ensure devices are protected.

With Android 15, FRP has evolved into a powerful deterrent against device theft by making stolen devices unusable.

Published 3 months ago
Version 1.0
Security
  • jasonbayton's avatar
    jasonbayton
    Level 4.0: Ice Cream Sandwich
    4 days ago

    I missed this! I spent most of the entire Android 15 beta trying to figure out what was changing with FRP in 15 - docs were light, things were indicated but not confirmed, even escalating up to you guys left me without any more insight.. 

    ..and this doesn't offer much more! What changed in 15 Mike? Where was it moved, how was it improved, what loopholes were closed? I want deets and docs Mr. Burr, the drip-feeding of marketing-approved indicators of improvement aren't enough :D 

  • Kumaresh90's avatar
    Kumaresh90
    Level 2.0: Eclair
    2 months ago

    It is a Tesco Enterprise account (@tesco.com) domain that we have used to sign-up with Google account. we are pushing this account through SOTI Factory reset protection config to the devices. 

  • Bigdogburr's avatar
    Bigdogburr
    Google Team
    2 months ago

    Hi Kumaresh90, what type of account are you using from the EMM?  Is it a local account, or an enterprise account.  If enterprise, is it a Google account?

  • Kumaresh90's avatar
    Kumaresh90
    Level 2.0: Eclair
    2 months ago

    Bigdogburr  Great information. One thing which we are currently struggling with FRP enforcement from EMM is that the google account is treated as a normal user account, even when it is pushed through EMM policy. Due to this, devices are prompted for additional account security validation from google, similar to the validations you get when signing-in to a new device with your google account.

     

    Is there any planned modifications for this behavior?