Mishaal Rahman / Android Authority
TL;DR
- Android 16 hides the content of certain sensitive notifications from appearing on the lock screen, in particular notifications with OTP codes.
- This follows a change in Android 15 that blocks untrusted apps from reading sensitive notifications with OTP codes.
- This feature is live in Android 16 DP1 and should arrive in the stable release unless Google removes it.
It might be tempting to have all your notifications show up on the lock screen so you don’t have to unlock your device to see them. However, doing so exposes your sensitive information to potential threats, such as thieves who could easily access your notifications if they steal your device. Even worse, if notifications containing two-factor authentication codes appear on the lock screen, someone could see them and potentially get access to your online accounts. Fortunately, Google is working on a new feature in Android 16 that protects your most sensitive notifications containing two-factor authentication codes.
After Google released the first developer preview of Android 16 earlier this week, we’ve been digging into the update to find out what’s new. We noticed that the lock screen in Android 16 Developer Preview 1 no longer displays the contents of notifications that Android System Intelligence deems to be “sensitive.” So far, we’ve observed this to be the case for notifications with OTP codes in them, but it’s possible that other types of content might trigger this behavior.
Mishaal Rahman / Android Authority
Sensitive notification on lock screen of Android 15 QPR2 Beta 1 (left) vs Android 16 DP1 (right)
Android 16 DP1 automatically hides the content of these sensitive notifications even if you enable the “sensitive notifications” option under Settings > Notifications > Sensitive notifications. That option, when disabled, hides the title and summary of all notifications on the lock screen, though you can still see what apps have posted notifications. A separate option on the same page named notifications on lock screen lets you control whether to hide all notifications entirely, only hide conversation notifications, or to show all notification content.
Mishaal Rahman / Android Authority
Combined, these two options give you a lot of freedom over how you want your notifications to be displayed on the lock screen. However, most people will likely keep the default choices, which is to have all notification content displayed on the lock screen. By automatically redacting sensitive notifications with OTP codes, Android 16 DP1 protects you from accidentally leaking that information regardless of your lock screen notification choices.
This change in Android 16 builds upon a similar one we spotted in Android 15. In Android 15, the operating system blocks untrusted apps from reading sensitive notifications with two-factor authentication codes, even if they have permission to read all your notifications. That feature works pretty similarly to this one, wherein the Android System Intelligence service parses notifications to determine whether they have OTP codes in them. Android 15 then redacts them before sending them off to third-party notification listeners. Android 16 extends this by also redacting those notifications before displaying them on the lock screen.
Given that this change is live in Android 16 DP1, there’s a good chance it will end up in the stable release of Android 16 next year. However, we can’t say that with certainty, as Google has introduced only to later take away new features in developer previews before, such as notification cooldown.
Got a tip? Talk to us! Email our staff at [email protected]. You can stay anonymous or get credit for the info, it's your choice.
English (US) ·