Google no longer requires standard disk encryption in Android Lollipop

It appears that Google has dropped the requirement to enable storage encryption on Android versions 5.0 and above by default. Securing the file storage causes performance degradation, which is probably what prompted this decision.

ArsTechnica discovered that encryption of files on the internal memory of devices running Android Lollipop is no longer enabled by default. The reason for this is not clear: Google has not yet responded. A compatibility document that Google has prepared for Android manufacturers states that while devices must support full-disk encryption, despite a recommendation, this does not have to be enabled by default. The internet giant warns that this will probably become mandatory in the future, if manufacturers want to see their devices certified by Google.

Google had previously just announced that full-disk encryption would be enabled by default in Android Lollipop. Previously, the company released the Nexus 6, among other things, where security is indeed on by default. However, the company was criticized for the smartphone’s performance, which would be slower due to the encryption technique. Google has probably subsequently adjusted the conditions for Google certification: this gives manufacturers more time to properly implement the security.

The disappointing performance probably has something to do with how the file encryption is implemented. Google is reportedly not using the drivers Qualcomm has developed for its crypto engine. As a result, the Qualcomm Snapdragon 805-soc built into the Nexus 6 cannot hardware accelerate encryption and decryption, according to Android Police. Because the CPU is needed, the smartphone would be slower, something that was confirmed with benchmarks.