Google is committed to advancing racial equity for Black communities. See how.

1. Introduction

This document enumerates the requirements that must be met in order for devices to be compatible with Android 11.

The use of “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” is per the IETF standard defined in RFC2119.

As used in this document, a “device implementer” or “implementer” is a person or organization developing a hardware/software solution running Android 11. A “device implementation” or “implementation" is the hardware/software solution so developed.

To be considered compatible with Android 11, device implementations MUST meet the requirements presented in this Compatibility Definition, including any documents incorporated via reference.

Where this definition or the software tests described in section 10 is silent, ambiguous, or incomplete, it is the responsibility of the device implementer to ensure compatibility with existing implementations.

For this reason, the Android Open Source Project is both the reference and preferred implementation of Android. Device implementers are STRONGLY RECOMMENDED to base their implementations to the greatest extent possible on the “upstream” source code available from the Android Open Source Project. While some components can hypothetically be replaced with alternate implementations, it is STRONGLY RECOMMENDED to not follow this practice, as passing the software tests will become substantially more difficult. It is the implementer’s responsibility to ensure full behavioral compatibility with the standard Android implementation, including and beyond the Compatibility Test Suite. Finally, note that certain component substitutions and modifications are explicitly forbidden by this document.

Many of the resources linked to in this document are derived directly or indirectly from the Android SDK and will be functionally identical to the information in that SDK’s documentation. In any cases where this Compatibility Definition or the Compatibility Test Suite disagrees with the SDK documentation, the SDK documentation is considered authoritative. Any technical details provided in the linked resources throughout this document are considered by inclusion to be part of this Compatibility Definition.

1.1 Document Structure

1.1.1. Requirements by Device Type

Section 2 contains all of the requirements that apply to a specific device type. Each subsection of Section 2 is dedicated to a specific device type.

All the other requirements, that universally apply to any Android device implementations, are listed in the sections after Section 2. These requirements are referenced as "Core Requirements" in this document.

1.1.2. Requirement ID

Requirement ID is assigned for MUST requirements.

The ID is assigned for MUST requirements only.

STRONGLY RECOMMENDED requirements are marked as [SR] but ID is not assigned.

The ID consists of : Device Type ID - Condition ID - Requirement ID (e.g. C-0-1).

Each ID is defined as below:

Device Type ID (see more in 2. Device Types) C: Core (Requirements that are applied to any Android device implementations) H: Android Handheld device T: Android Television device A: Android Automotive implementation W: Android Watch implementation Tab: Android Tablet implementation

Condition ID When the requirement is unconditional, this ID is set as 0. When the requirement is conditional, 1 is assigned for the 1st condition and the number increments by 1 within the same section and the same device type.

Requirement ID This ID starts from 1 and increments by 1 within the same section and the same condition.



1.1.3. Requirement ID in Section 2

The Requirement ID in Section 2 starts with the corresponding section ID that is followed by the Requirement ID described above.

The ID in Section 2 consists of : Section ID / Device Type ID - Condition ID - Requirement ID (e.g. 7.4.3/A-0-1).

2. Device Types

While the Android Open Source Project provides a software stack that can be used for a variety of device types and form factors, there are a few device types that have a relatively better established application distribution ecosystem.

This section describes those device types, and additional requirements and recommendations applicable for each device type.

All Android device implementations that do not fit into any of the described device types MUST still meet all requirements in the other sections of this Compatibility Definition.

2.1 Device Configurations

For the major differences in hardware configuration by device type, see the device-specific requirements that follow in this section.

2.2. Handheld Requirements

An Android Handheld device refers to an Android device implementation that is typically used by holding it in the hand, such as an mp3 player, phone, or tablet.

Android device implementations are classified as a Handheld if they meet all the following criteria:

Have a power source that provides mobility, such as a battery.

Have a physical diagonal screen size in the range of 3.3 inches (or 2.5 inches for devices which launched on an API level earlier than Android 11) to 8 inches.

The additional requirements in the rest of this section are specific to Android Handheld device implementations.

Note: Requirements that do not apply to Android Tablet devices are marked with an *.

2.2.1. Hardware

Handheld device implementations:

[7.1.1.1/H-0-1] MUST have at least one Android-compatible display that meets all requirements described on this document.

[7.1.1.3/H-SR] Are STRONGLY RECOMMENDED to provide users an affordance to change the display size (screen density).

If Handheld device implementations support software screen rotation, they:

[7.1.1.1/H-1-1]* MUST make the logical screen that is made available for third party applications be at least 2 inches on the short edge(s) and 2.7 inches on the long edge(s). Devices which launched on an API level earlier than that of this document are exempted from this requirement.

If Handheld device implementations do not support software screen rotation, they:

[7.1.1.1/H-2-1]* MUST make the logical screen that is made available for third party applications be at least 2.7 inches on the short edge(s). Devices which launched on an API level earlier than that of this document are exempted from this requirement.

If Handheld device implementations claim support for high dynamic range displays through Configuration.isScreenHdr() , they:

[7.1.4.5/H-1-1] MUST advertise support for the EGL_EXT_gl_colorspace_bt2020_pq , EGL_EXT_surface_SMPTE2086_metadata , EGL_EXT_surface_CTA861_3_metadata , VK_EXT_swapchain_colorspace , and VK_EXT_hdr_metadata extensions.

Handheld device implementations:

[7.1.4.6/H-0-1] MUST report whether the device supports the GPU profiling capability via a system property graphics.gpu.profiler.support .

If Handheld device implementations declare support via a system property graphics.gpu.profiler.support , they:

Handheld device implementations:

[7.1.5/H-0-1] MUST include support for legacy application compatibility mode as implemented by the upstream Android open source code. That is, device implementations MUST NOT alter the triggers or thresholds at which compatibility mode is activated, and MUST NOT alter the behavior of the compatibility mode itself.

[7.2.1/H-0-1] MUST include support for third-party Input Method Editor (IME) applications.

[7.2.3/H-0-3] MUST provide the Home function on all the Android-compatible displays that provide the home screen.

[7.2.3/H-0-4] MUST provide the Back function on all the Android-compatible displays and the Recents function on at least one of the Android-compatible displays.

[7.2.3/H-0-2] MUST send both the normal and long press event of the Back function ( KEYCODE_BACK ) to the foreground application. These events MUST NOT be consumed by the system and CAN be triggered by outside of the Android device (e.g. external hardware keyboard connected to the Android device).

) to the foreground application. These events MUST NOT be consumed by the system and CAN be triggered by outside of the Android device (e.g. external hardware keyboard connected to the Android device). [7.2.4/H-0-1] MUST support touchscreen input.

[7.2.4/H-SR] Are STRONGLY RECOMMENDED to launch the user-selected assist app, in other words the app that implements VoiceInteractionService, or an activity handling the ACTION_ASSIST on long-press of KEYCODE_MEDIA_PLAY_PAUSE or KEYCODE_HEADSETHOOK if the foreground activity does not handle those long-press events.

on long-press of or if the foreground activity does not handle those long-press events. [7.3.1/H-SR] Are STRONGLY RECOMMENDED to include a 3-axis accelerometer.

If Handheld device implementations include a 3-axis accelerometer, they:

[7.3.1/H-1-1] MUST be able to report events up to a frequency of at least 100 Hz.

If Handheld device implementations include a GPS/GNSS receiver and report the capability to applications through the android.hardware.location.gps feature flag, they:

[7.3.3/H-2-1] MUST report GNSS measurements, as soon as they are found, even if a location calculated from GPS/GNSS is not yet reported.

[7.3.3/H-2-2] MUST report GNSS pseudoranges and pseudorange rates, that, in open-sky conditions after determining the location, while stationary or moving with less than 0.2 meter per second squared of acceleration, are sufficient to calculate position within 20 meters, and speed within 0.2 meters per second, at least 95% of the time.

If Handheld device implementations include a 3-axis gyroscope, they:

[7.3.4/H-3-1] MUST be able to report events up to a frequency of at least 100 Hz.

[7.3.4/H-3-2] MUST be capable of measuring orientation changes up to 1000 degrees per second.

Handheld device implementations that can make a voice call and indicate any value other than PHONE_TYPE_NONE in getPhoneType :

[7.3.8/H] SHOULD include a proximity sensor.

Handheld device implementations:

[7.3.11/H-SR] Are RECOMMENDED to support pose sensor with 6 degrees of freedom.

[7.4.3/H] SHOULD include support for Bluetooth and Bluetooth LE.

If Handheld device implementations include a metered connection, they:

[7.4.7/H-1-1] MUST provide the data saver mode.

If Handheld device implementations include a logical camera device that lists capabilities using CameraMetadata.REQUEST_AVAILABLE_CAPABILITIES_LOGICAL_MULTI_CAMERA , they:

[7.5.4/H-1-1] MUST have normal field of view (FOV) by default and it MUST be between 50 and 90 degrees.

Handheld device implementations:

[7.6.1/H-0-1] MUST have at least 4 GB of non-volatile storage available for application private data (a.k.a. "/data" partition).

[7.6.1/H-0-2] MUST return “true” for ActivityManager.isLowRamDevice() when there is less than 1GB of memory available to the kernel and userspace.

If Handheld device implementations declare support of only a 32-bit ABI:

[7.6.1/H-1-1] The memory available to the kernel and userspace MUST be at least 416MB if the default display uses framebuffer resolutions up to qHD (e.g. FWVGA).

[7.6.1/H-2-1] The memory available to the kernel and userspace MUST be at least 592MB if the default display uses framebuffer resolutions up to HD+ (e.g. HD, WSVGA).

[7.6.1/H-3-1] The memory available to the kernel and userspace MUST be at least 896MB if the default display uses framebuffer resolutions up to FHD (e.g. WSXGA+).

[7.6.1/H-4-1] The memory available to the kernel and userspace MUST be at least 1344MB if the default display uses framebuffer resolutions up to QHD (e.g. QWXGA).

If Handheld device implementations declare support of 32-bit and 64-bit ABIs:

[7.6.1/H-5-1] The memory available to the kernel and userspace MUST be at least 816MB if the default display uses framebuffer resolutions up to qHD (e.g. FWVGA).

[7.6.1/H-6-1] The memory available to the kernel and userspace MUST be at least 944MB if the default display uses framebuffer resolutions up to HD+ (e.g. HD, WSVGA).

[7.6.1/H-7-1] The memory available to the kernel and userspace MUST be at least 1280MB if the default display uses framebuffer resolutions up to FHD (e.g. WSXGA+).

[7.6.1/H-8-1] The memory available to the kernel and userspace MUST be at least 1824MB if the default display uses framebuffer resolutions up to QHD (e.g. QWXGA).

Note that the "memory available to the kernel and userspace" above refers to the memory space provided in addition to any memory already dedicated to hardware components such as radio, video, and so on that are not under the kernel’s control on device implementations.

If Handheld device implementations include less than or equal to 1GB of memory available to the kernel and userspace, they:

[7.6.1/H-9-1] MUST declare the feature flag android.hardware.ram.low .

. [7.6.1/H-9-2] MUST have at least 1.1 GB of non-volatile storage for application private data (a.k.a. "/data" partition).

If Handheld device implementations include more than 1GB of memory available to the kernel and userspace, they:

[7.6.1/H-10-1] MUST have at least 4GB of non-volatile storage available for application private data (a.k.a. "/data" partition).

SHOULD declare the feature flag android.hardware.ram.normal .

Handheld device implementations:

[7.6.2/H-0-1] MUST NOT provide an application shared storage smaller than 1 GiB.

[7.7.1/H] SHOULD include a USB port supporting peripheral mode.

If handheld device implementations include a USB port supporting peripheral mode, they:

[7.7.1/H-1-1] MUST implement the Android Open Accessory (AOA) API.

If Handheld device implementations include a USB port supporting host mode, they:

[7.7.2/H-1-1] MUST implement the USB audio class as documented in the Android SDK documentation.

Handheld device implementations:

[7.8.1/H-0-1] MUST include a microphone.

[7.8.2/H-0-1] MUST have an audio output and declare android.hardware.audio.output .

If Handheld device implementations are capable of meeting all the performance requirements for supporting VR mode and include support for it, they:

[7.9.1/H-1-1] MUST declare the android.hardware.vr.high_performance feature flag.

feature flag. [7.9.1/H-1-2] MUST include an application implementing android.service.vr.VrListenerService that can be enabled by VR applications via android.app.Activity#setVrModeEnabled .

If Handheld device implementations include one or more USB-C port(s) in host mode and implement (USB audio class), in addition to requirements in section 7.7.2, they:

[7.8.2.2/H-1-1] MUST provide the following software mapping of HID codes:

Function Mappings Context Behavior A HID usage page: 0x0C

HID usage: 0x0CD

Kernel key: KEY_PLAYPAUSE

Android key: KEYCODE_MEDIA_PLAY_PAUSE Media playback Input: Short press

Output: Play or pause Input: Long press

Output: Launch voice command

Sends: android.speech.action.VOICE_SEARCH_HANDS_FREE if the device is locked or its screen is off. Sends android.speech.RecognizerIntent.ACTION_WEB_SEARCH otherwise Incoming call Input: Short press

Output: Accept call Input: Long press

Output: Reject call Ongoing call Input: Short press

Output: End call Input: Long press

Output: Mute or unmute microphone B HID usage page: 0x0C

HID usage: 0x0E9

Kernel key: KEY_VOLUMEUP

Android key: VOLUME_UP Media playback, Ongoing call Input: Short or long press

Output: Increases the system or headset volume C HID usage page: 0x0C

HID usage: 0x0EA

Kernel key: KEY_VOLUMEDOWN

Android key: VOLUME_DOWN Media playback, Ongoing call Input: Short or long press

Output: Decreases the system or headset volume D HID usage page: 0x0C

HID usage: 0x0CF

Kernel key: KEY_VOICECOMMAND

Android key: KEYCODE_VOICE_ASSIST All. Can be triggered in any instance. Input: Short or long press

Output: Launch voice command

[7.8.2.2/H-1-2] MUST trigger ACTION_HEADSET_PLUG upon a plug insert, but only after the USB audio interfaces and endpoints have been properly enumerated in order to identify the type of terminal connected.

When the USB audio terminal types 0x0302 is detected, they:

[7.8.2.2/H-2-1] MUST broadcast Intent ACTION_HEADSET_PLUG with "microphone" extra set to 0.

When the USB audio terminal types 0x0402 is detected, they:

[7.8.2.2/H-3-1] MUST broadcast Intent ACTION_HEADSET_PLUG with "microphone" extra set to 1.

When API AudioManager.getDevices() is called while the USB peripheral is connected they:

[7.8.2.2/H-4-1] MUST list a device of type AudioDeviceInfo.TYPE_USB_HEADSET and role isSink() if the USB audio terminal type field is 0x0302.

[7.8.2.2/H-4-2] MUST list a device of type AudioDeviceInfo.TYPE_USB_HEADSET and role isSink() if the USB audio terminal type field is 0x0402.

[7.8.2.2/H-4-3] MUST list a device of type AudioDeviceInfo.TYPE_USB_HEADSET and role isSource() if the USB audio terminal type field is 0x0402.

[7.8.2.2/H-4-4] MUST list a device of type AudioDeviceInfo.TYPE_USB_DEVICE and role isSink() if the USB audio terminal type field is 0x603.

[7.8.2.2/H-4-5] MUST list a device of type AudioDeviceInfo.TYPE_USB_DEVICE and role isSource() if the USB audio terminal type field is 0x604.

[7.8.2.2/H-4-6] MUST list a device of type AudioDeviceInfo.TYPE_USB_DEVICE and role isSink() if the USB audio terminal type field is 0x400.

[7.8.2.2/H-4-7] MUST list a device of type AudioDeviceInfo.TYPE_USB_DEVICE and role isSource() if the USB audio terminal type field is 0x400.

[7.8.2.2/H-SR] Are STRONGLY RECOMMENDED upon connection of a USB-C audio peripheral, to perform enumeration of USB descriptors, identify terminal types and broadcast Intent ACTION_HEADSET_PLUG in less than 1000 milliseconds.

If Handheld device implementations include at least one haptic actuator, they:

[7.10/H-SR]* Are STRONGLY RECOMMENDED NOT to use an eccentric rotating mass (ERM) haptic actuator(vibrator).

[7.10/H]* SHOULD position the placement of the actuator near the location where the device is typically held or touched by hands.

[7.10/H-SR]* Are STRONGLY RECOMMENDED to implement all public constants for clear haptics in android.view.HapticFeedbackConstants namely (CLOCK_TICK, CONTEXT_CLICK, KEYBOARD_PRESS, KEYBOARD_RELEASE, KEYBOARD_TAP, LONG_PRESS, TEXT_HANDLE_MOVE, VIRTUAL_KEY, VIRTUAL_KEY_RELEASE, CONFIRM, REJECT, GESTURE_START and GESTURE_END).

[7.10/H-SR]* Are STRONGLY RECOMMENDED to implement all public constants for clear haptics in android.os.VibrationEffect namely (EFFECT_TICK, EFFECT_CLICK, EFFECT_HEAVY_CLICK and EFFECT_DOUBLE_CLICK) and all public constants for rich haptics in android.os.VibrationEffect.Composition namely (PRIMITIVE_CLICK and PRIMITIVE_TICK).

[7.10/H-SR]* Are STRONGLY RECOMMENDED to use these linked haptic constants mappings.

[7.10/H-SR]* Are STRONGLY RECOMMENDED to follow quality assessment for createOneShot() and createWaveform() API's.

[7.10/H-SR]* Are STRONGLY RECOMMENDED to verify the capabilities for amplitude scalability by running android.os.Vibrator.hasAmplitudeControl().

Linear resonant actuator (LRA) is a single mass spring system which has a dominant resonant frequency where the mass translates in the direction of desired motion.

If Handheld device implementations include at least one linear resonant actuator, they:

[7.10/H]* SHOULD move the haptic actuator in the X-axis of portrait orientation.

If Handheld device implementations have a haptic actuator which is X-axis Linear resonant actuator (LRA), they:

[7.10/H-SR]* Are STRONGLY RECOMMENDED to have the resonant frequency of the X-axis LRA be under 200 Hz.

If handheld device implementations follow haptic constants mapping, they:

[7.10/H-SR]* Are STRONGLY RECOMMENDED to perform a quality assessment for haptic constants.

2.2.2. Multimedia

Handheld device implementations MUST support the following audio encoding and decoding formats and make them available to third-party applications:

[5.1/H-0-1] AMR-NB

[5.1/H-0-2] AMR-WB

[5.1/H-0-3] MPEG-4 AAC Profile (AAC LC)

[5.1/H-0-4] MPEG-4 HE AAC Profile (AAC+)

[5.1/H-0-5] AAC ELD (enhanced low delay AAC)

Handheld device implementations MUST support the following video encoding formats and make them available to third-party applications:

Handheld device implementations MUST support the following video decoding formats and make them available to third-party applications:

2.2.3. Software

Handheld device implementations:

[3.2.3.1/H-0-1] MUST have an application that handles the ACTION_GET_CONTENT , ACTION_OPEN_DOCUMENT , ACTION_OPEN_DOCUMENT_TREE , and ACTION_CREATE_DOCUMENT intents as described in the SDK documents, and provide the user affordance to access the document provider data by using DocumentsProvider API.

, , , and intents as described in the SDK documents, and provide the user affordance to access the document provider data by using API. [3.2.3.1/H-0-2]* MUST preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here.

[3.2.3.1/H-SR] Are STRONGLY RECOMMENDED to preload an email application which can handle ACTION_SENDTO or ACTION_SEND or ACTION_SEND_MULTIPLE intents to send an email.

[3.4.1/H-0-1] MUST provide a complete implementation of the android.webkit.Webview API.

API. [3.4.2/H-0-1] MUST include a standalone Browser application for general user web browsing.

[3.8.1/H-SR] Are STRONGLY RECOMMENDED to implement a default launcher that supports in-app pinning of shortcuts, widgets and widgetFeatures.

[3.8.1/H-SR] Are STRONGLY RECOMMENDED to implement a default launcher that provides quick access to the additional shortcuts provided by third-party apps through the ShortcutManager API.

[3.8.1/H-SR] Are STRONGLY RECOMMENDED to include a default launcher app that shows badges for the app icons.

[3.8.2/H-SR] Are STRONGLY RECOMMENDED to support third-party app widgets.

[3.8.3/H-0-1] MUST allow third-party apps to notify users of notable events through the Notification and NotificationManager API classes.

and API classes. [3.8.3/H-0-2] MUST support rich notifications.

[3.8.3/H-0-3] MUST support heads-up notifications.

[3.8.3/H-0-4] MUST include a notification shade, providing the user the ability to directly control (e.g. reply, snooze, dismiss, block) the notifications through user affordance such as action buttons or the control panel as implemented in the AOSP.

[3.8.3/H-0-5] MUST display the choices provided through RemoteInput.Builder setChoices() in the notification shade.

in the notification shade. [3.8.3/H-SR] Are STRONGLY RECOMMENDED to display the first choice provided through RemoteInput.Builder setChoices() in the notification shade without additional user interaction.

in the notification shade without additional user interaction. [3.8.3/H-SR] Are STRONGLY RECOMMENDED to display all the choices provided through RemoteInput.Builder setChoices() in the notification shade when the user expands all notifications in the notification shade.

in the notification shade when the user expands all notifications in the notification shade. [3.8.3.1/H-SR] Are STRONGLY RECOMMENDED to display actions for which Notification.Action.Builder.setContextual is set as true in-line with the replies displayed by Notification.Remoteinput.Builder.setChoices .

is set as in-line with the replies displayed by . [3.8.4/H-SR] Are STRONGLY RECOMMENDED to implement an assistant on the device to handle the Assist action.

If Handheld device implementations support Assist action, they:

[3.8.4/H-SR] Are STRONGLY RECOMMENDED to use long press on HOME key as the designated interaction to launch the assist app as described in section 7.2.3. MUST launch the user-selected assist app, in other words the app that implements VoiceInteractionService , or an activity handling the ACTION_ASSIST intent.

If Handheld device implementations support conversation notifications and group them into a separate section from alerting and silent non-conversation notifications, they:

[3.8.4/H-1-1]* MUST display conversation notifications ahead of non conversation notifications with the exception of ongoing foreground service notifications and importance:high notifications.

If Android Handheld device implementations support a lock screen, they:

[3.8.10/H-1-1] MUST display the Lock screen Notifications including the Media Notification Template.

If Handheld device implementations support a secure lock screen, they:

[3.9/H-1-1] MUST implement the full range of device administration policies defined in the Android SDK documentation.

[3.9/H-1-2] MUST declare the support of managed profiles via the android.software.managed_users feature flag, except when the device is configured so that it would report itself as a low RAM device or so that it allocates internal (non-removable) storage as shared storage.

If Handheld device implementations include support for ControlsProviderService and Control APIs and allow third-party applications to publish device controls , then they:

[3.8.16/H-1-1] MUST declare the feature flag android.software.controls and set it to true .

and set it to . [3.8.16/H-1-2] MUST provide a user affordance with the ability to add, edit, select, and operate the user’s favorite device controls from the controls registered by the third-party applications through the ControlsProviderService and the Control APIs.

and the APIs. [3.8.16/H-1-3] MUST provide access to this user affordance within three interactions from a default Launcher.

[3.8.16/H-1-4] MUST accurately render in this user affordance the name and icon of each third-party app that provides controls via the ControlsProviderService API as well as any specified fields provided by the Control APIs.

Conversely, If Handheld device implementations do not implement such controls, they:

[3.8.16/H-2-1] MUST report null for the ControlsProviderService and the Control APIs.

for the and the APIs. [3.8.16/H-2-2] MUST declare the feature flag android.software.controls and set it to false .

Handheld device implementations:

[3.10/H-0-1] MUST support third-party accessibility services.

[3.10/H-SR] Are STRONGLY RECOMMENDED to preload accessibility services on the device comparable with or exceeding functionality of the Switch Access and TalkBack (for languages supported by the preinstalled Text-to-speech engine) accessibility services as provided in the talkback open source project.

[3.11/H-0-1] MUST support installation of third-party TTS engines.

[3.11/H-SR] Are STRONGLY RECOMMENDED to include a TTS engine supporting the languages available on the device.

[3.13/H-SR] Are STRONGLY RECOMMENDED to include a Quick Settings UI component.

If Android handheld device implementations declare FEATURE_BLUETOOTH or FEATURE_WIFI support, they:

[3.16/H-1-1] MUST support the companion device pairing feature.

If the navigation function is provided as an on-screen, gesture-based action:

[7.2.3/H] The gesture recognition zone for the Home function SHOULD be no higher than 32 dp in height from the bottom of the screen.

If Handheld device implementations provide a navigation function as a gesture from anywhere on the left and right edges of the screen:

[7.2.3/H-0-1] The navigation function's gesture area MUST be less than 40 dp in width on each side. The gesture area SHOULD be 24 dp in width by default.

2.2.4. Performance and Power

[8.1/H-0-1] Consistent frame latency . Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second.

. Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second. [8.1/H-0-2] User interface latency . Device implementations MUST ensure low latency user experience by scrolling a list of 10K list entries as defined by the Android Compatibility Test Suite (CTS) in less than 36 secs.

. Device implementations MUST ensure low latency user experience by scrolling a list of 10K list entries as defined by the Android Compatibility Test Suite (CTS) in less than 36 secs. [8.1/H-0-3] Task switching. When multiple applications have been launched, re-launching an already-running application after it has been launched MUST take less than 1 second.

Handheld device implementations:

[8.2/H-0-1] MUST ensure a sequential write performance of at least 5 MB/s.

[8.2/H-0-2] MUST ensure a random write performance of at least 0.5 MB/s.

[8.2/H-0-3] MUST ensure a sequential read performance of at least 15 MB/s.

[8.2/H-0-4] MUST ensure a random read performance of at least 3.5 MB/s.

If Handheld device implementations include features to improve device power management that are included in AOSP or extend the features that are included in AOSP, they:

[8.3/H-1-1] MUST provide user affordance to enable and disable the battery saver feature.

[8.3/H-1-2] MUST provide user affordance to display all apps that are exempted from App Standby and Doze power-saving modes.

Handheld device implementations:

[8.4/H-0-1] MUST provide a per-component power profile that defines the current consumption value for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site.

[8.4/H-0-2] MUST report all power consumption values in milliampere hours (mAh).

[8.4/H-0-3] MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the uid_cputime kernel module implementation.

kernel module implementation. [8.4/H-0-4] MUST make this power usage available via the adb shell dumpsys batterystats shell command to the app developer.

shell command to the app developer. [8.4/H] SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application.

If Handheld device implementations include a screen or video output, they:

[8.4/H-1-1] MUST honor the android.intent.action.POWER_USAGE_SUMMARY intent and display a settings menu that shows this power usage.

2.2.5. Security Model

Handheld device implementations:

[9.1/H-0-1] MUST allow third-party apps to access the usage statistics via the android.permission.PACKAGE_USAGE_STATS permission and provide a user-accessible mechanism to grant or revoke access to such apps in response to the android.settings.ACTION_USAGE_ACCESS_SETTINGS intent.

Handheld device implementations (* Not applicable for Tablet):

[9.11/H-0-2]* MUST back up the keystore implementation with an isolated execution environment.

[9.11/H-0-3]* MUST have implementations of RSA, AES, ECDSA, and HMAC cryptographic algorithms and MD5, SHA1, and SHA-2 family hash functions to properly support the Android Keystore system's supported algorithms in an area that is securely isolated from the code running on the kernel and above. Secure isolation MUST block all potential mechanisms by which kernel or userspace code might access the internal state of the isolated environment, including DMA. The upstream Android Open Source Project (AOSP) meets this requirement by using the Trusty implementation, but another ARM TrustZone-based solution or a third-party reviewed secure implementation of a proper hypervisor-based isolation are alternative options.

[9.11/H-0-4]* MUST perform the lock screen authentication in the isolated execution environment and only when successful, allow the authentication-bound keys to be used. Lock screen credentials MUST be stored in a way that allows only the isolated execution environment to perform lock screen authentication. The upstream Android Open Source Project provides the Gatekeeper Hardware Abstraction Layer (HAL) and Trusty, which can be used to satisfy this requirement.

[9.11/H-0-5]* MUST support key attestation where the attestation signing key is protected by secure hardware and signing is performed in secure hardware. The attestation signing keys MUST be shared across large enough number of devices to prevent the keys from being used as device identifiers. One way of meeting this requirement is to share the same attestation key unless at least 100,000 units of a given SKU are produced. If more than 100,000 units of an SKU are produced, a different key MAY be used for each 100,000 units.

Note that if a device implementation is already launched on an earlier Android version, such a device is exempted from the requirement to have a keystore backed by an isolated execution environment and support the key attestation, unless it declares the android.hardware.fingerprint feature which requires a keystore backed by an isolated execution environment.

When Handheld device implementations support a secure lock screen, they:

[9.11/H-1-1] MUST allow the user to choose the shortest sleep timeout, that is a transition time from the unlocked to the locked state, as 15 seconds or less.

[9.11/H-1-2] MUST provide user affordance to hide notifications and disable all forms of authentication except for the primary authentication described in 9.11.1 Secure Lock Screen. The AOSP meets the requirement as lockdown mode.

Handheld device implementations (* Not applicable for Tablet):

[6.1/H-0-1]* MUST support the shell command cmd testharness .

Handheld device implementations (* Not applicable for Tablet):

2.3. Television Requirements

An Android Television device refers to an Android device implementation that is an entertainment interface for consuming digital media, movies, games, apps, and/or live TV for users sitting about ten feet away (a “lean back” or “10-foot user interface”).

Android device implementations are classified as a Television if they meet all the following criteria:

Have provided a mechanism to remotely control the rendered user interface on the display that might sit ten feet away from the user.

Have an embedded screen display with the diagonal length larger than 24 inches OR include a video output port, such as VGA, HDMI, DisplayPort, or a wireless port for display.

The additional requirements in the rest of this section are specific to Android Television device implementations.

2.3.1. Hardware

Television device implementations:

[7.2.2/T-0-1] MUST support D-pad.

[7.2.3/T-0-1] MUST provide the Home and Back functions.

[7.2.3/T-0-2] MUST send both the normal and long press event of the Back function ( KEYCODE_BACK ) to the foreground application.

) to the foreground application. [7.2.6.1/T-0-1] MUST include support for game controllers and declare the android.hardware.gamepad feature flag.

feature flag. [7.2.7/T] SHOULD provide a remote control from which users can access non-touch navigation and core navigation keys inputs.

If Television device implementations include a 3-axis gyroscope, they:

[7.3.4/T-1-1] MUST be able to report events up to a frequency of at least 100 Hz.

[7.3.4/T-1-2] MUST be capable of measuring orientation changes up to 1000 degrees per second.

Television device implementations:

[7.4.3/T-0-1] MUST support Bluetooth and Bluetooth LE.

[7.6.1/T-0-1] MUST have at least 4 GB of non-volatile storage available for application private data (a.k.a. "/data" partition).

If Television device implementations include a USB port that supports host mode, they:

[7.5.3/T-1-1] MUST include support for an external camera that connects through this USB port but is not necessarily always connected.

If TV device implementations are 32-bit:

[7.6.1/T-1-1] The memory available to the kernel and userspace MUST be at least 896MB if any of the following densities are used: 400dpi or higher on small/normal screens xhdpi or higher on large screens tvdpi or higher on extra large screens



If TV device implementations are 64-bit:

[7.6.1/T-2-1] The memory available to the kernel and userspace MUST be at least 1280MB if any of the following densities are used: 400dpi or higher on small/normal screens xhdpi or higher on large screens tvdpi or higher on extra large screens



Note that the "memory available to the kernel and userspace" above refers to the memory space provided in addition to any memory already dedicated to hardware components such as radio, video, and so on that are not under the kernel’s control on device implementations.

Television device implementations:

[7.8.1/T] SHOULD include a microphone.

[7.8.2/T-0-1] MUST have an audio output and declare android.hardware.audio.output .

2.3.2. Multimedia

Television device implementations MUST support the following audio encoding and decoding formats and make them available to third-party applications:

[5.1/T-0-1] MPEG-4 AAC Profile (AAC LC)

[5.1/T-0-2] MPEG-4 HE AAC Profile (AAC+)

[5.1/T-0-3] AAC ELD (enhanced low delay AAC)

Television device implementations MUST support the following video encoding formats and make them available to third-party applications:

Television device implementations:

[5.2.2/T-SR] Are STRONGLY RECOMMENDED to support H.264 encoding of 720p and 1080p resolution videos at 30 frames per second.

Television device implementations MUST support the following video decoding formats and make them available to third-party applications:

Television device implementations MUST support MPEG-2 decoding, as detailed in Section 5.3.1, at standard video frame rates and resolutions up to and including:

[5.3.1/T-1-1] HD 1080p at 59.94 frames per second with Main Profile High Level.

[5.3.1/T-1-2] HD 1080i at 59.94 frames per second with Main Profile High Level. They MUST deinterlace interlaced MPEG-2 video to its progressive equivalent (e.g. from 1080i at 59.94 frames per second to 1080p at 29.97 frames per second) and make it available to third-party applications.

Television device implementations MUST support H.264 decoding, as detailed in Section 5.3.4, at standard video frame rates and resolutions up to and including:

[5.3.4/T-1-1] HD 1080p at 60 frames per second with Baseline Profile

[5.3.4/T-1-2] HD 1080p at 60 frames per second with Main Profile

[5.3.4/T-1-3] HD 1080p at 60 frames per second with High Profile Level 4.2

Television device implementations with H.265 hardware decoders MUST support H.265 decoding, as detailed in Section 5.3.5, at standard video frame rates and resolutions up to and including:

[5.3.5/T-1-1] HD 1080p at 60 frames per second with Main Profile Level 4.1

If Television device implementations with H.265 hardware decoders support H.265 decoding and the UHD decoding profile, they:

[5.3.5/T-2-1] MUST support UHD 3480p at 60 frames per second with Main10 Level 5 Main Tier profile

Television device implementations MUST support VP8 decoding, as detailed in Section 5.3.6, at standard video frame rates and resolutions up to and including:

[5.3.6/T-1-1] HD 1080p at 60 frames per second decoding profile

Television device implementations with VP9 hardware decoders MUST support VP9 decoding, as detailed in Section 5.3.7, at standard video frame rates and resolutions up to and including:

[5.3.7/T-1-1] HD 1080p at 60 frames per second with profile 0 (8 bit color depth)

If Television device implementations with VP9 hardware decoders support VP9 decoding and the UHD decoding profile, they:

[5.3.7/T-2-1] MUST support UHD 3480p at 60 frames per second with profile 0 (8 bit color depth).

[5.3.7/T-2-1] Are STRONGLY RECOMMENDED to support UHD 3480p at 60 frames per second with profile 2 (10 bit color depth).

Television device implementations:

[5.5/T-0-1] MUST include support for system Master Volume and digital audio output volume attenuation on supported outputs, except for compressed audio passthrough output (where no audio decoding is done on the device).

If Television device implementations do not have a built in display, but instead support an external display connected via HDMI, they:

[5.8/T-0-1] MUST set the HDMI output mode to select the maximum resolution that can be supported with either a 50Hz or 60Hz refresh rate.

[5.8/T-SR] Are STRONGLY RECOMMENDED to provide a user configurable HDMI refresh rate selector.

[5.8] SHOULD set the HDMI output mode refresh rate to either 50Hz or 60Hz, depending on the video refresh rate for the region the device is sold in.

If Television device implementations do not have a built in display, but instead support an external display connected via HDMI, they:

[5.8/T-1-1] MUST support HDCP 2.2.

If Television device implementations do not support UHD decoding, but instead support an external display connected via HDMI, they:

[5.8/T-2-1] MUST support HDCP 1.4

2.3.3. Software

Television device implementations:

[3/T-0-1] MUST declare the features android.software.leanback and android.hardware.type.television .

and . [3.2.3.1/T-0-1] MUST preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here.

[3.4.1/T-0-1] MUST provide a complete implementation of the android.webkit.Webview API.

If Android Television device implementations support a lock screen,they:

[3.8.10/T-1-1] MUST display the Lock screen Notifications including the Media Notification Template.

Television device implementations:

[3.8.14/T-SR] Are STRONGLY RECOMMENDED to support picture-in-picture (PIP) mode multi-window.

[3.10/T-0-1] MUST support third-party accessibility services.

[3.10/T-SR] Are STRONGLY RECOMMENDED to preload accessibility services on the device comparable with or exceeding functionality of the Switch Access and TalkBack (for languages supported by the preinstalled Text-to-speech engine) accessibility services as provided in the talkback open source project.

If Television device implementations report the feature android.hardware.audio.output , they:

[3.11/T-SR] Are STRONGLY RECOMMENDED to include a TTS engine supporting the languages available on the device.

[3.11/T-1-1] MUST support installation of third-party TTS engines.

Television device implementations:

[3.12/T-0-1] MUST support TV Input Framework.

2.3.4. Performance and Power

[8.1/T-0-1] Consistent frame latency . Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second.

. Inconsistent frame latency or a delay to render frames MUST NOT happen more often than 5 frames in a second, and SHOULD be below 1 frames in a second. [8.2/T-0-1] MUST ensure a sequential write performance of at least 5MB/s.

[8.2/T-0-2] MUST ensure a random write performance of at least 0.5MB/s.

[8.2/T-0-3] MUST ensure a sequential read performance of at least 15MB/s.

[8.2/T-0-4] MUST ensure a random read performance of at least 3.5MB/s.

If Television device implementations include features to improve device power management that are included in AOSP or extend the features that are included in AOSP, they:

[8.3/T-1-1] MUST provide user affordance to enable and disable the battery saver feature.

If Television device implementations do not have a battery they:

[8.3/T-1-2] MUST register the device as a batteryless device as described in Supporting Batteryless Devices.

If Television device implementations have a battery they:

[8.3/T-1-3] MUST provide user affordance to display all apps that are exempted from App Standby and Doze power-saving modes.

Television device implementations:

[8.4/T-0-1] MUST provide a per-component power profile that defines the current consumption value for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site.

[8.4/T-0-2] MUST report all power consumption values in milliampere hours (mAh).

[8.4/T-0-3] MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the uid_cputime kernel module implementation.

kernel module implementation. [8.4/T] SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application.

[8.4/T-0-4] MUST make this power usage available via the adb shell dumpsys batterystats shell command to the app developer.

2.3.5. Security Model

Television device implementations:

[9.11/T-0-1] MUST back up the keystore implementation with an isolated execution environment.

[9.11/T-0-2] MUST have implementations of RSA, AES, ECDSA and HMAC cryptographic algorithms and MD5, SHA1, and SHA-2 family hash functions to properly support the Android Keystore system's supported algorithms in an area that is securely isolated from the code running on the kernel and above. Secure isolation MUST block all potential mechanisms by which kernel or userspace code might access the internal state of the isolated environment, including DMA. The upstream Android Open Source Project (AOSP) meets this requirement by using the Trusty implementation, but another ARM TrustZone-based solution or a third-party reviewed secure implementation of a proper hypervisor-based isolation are alternative options.

[9.11/T-0-3] MUST perform the lock screen authentication in the isolated execution environment and only when successful, allow the authentication-bound keys to be used. Lock screen credentials MUST be stored in a way that allows only the isolated execution environment to perform lock screen authentication. The upstream Android Open Source Project provides the Gatekeeper Hardware Abstraction Layer (HAL) and Trusty, which can be used to satisfy this requirement.

[9.11/T-0-4] MUST support key attestation where the attestation signing key is protected by secure hardware and signing is performed in secure hardware. The attestation signing keys MUST be shared across large enough number of devices to prevent the keys from being used as device identifiers. One way of meeting this requirement is to share the same attestation key unless at least 100,000 units of a given SKU are produced. If more than 100,000 units of an SKU are produced, a different key MAY be used for each 100,000 units.

Note that if a device implementation is already launched on an earlier Android version, such a device is exempted from the requirement to have a keystore backed by an isolated execution environment and support the key attestation, unless it declares the android.hardware.fingerprint feature which requires a keystore backed by an isolated execution environment.

If Television device implementations support a secure lock screen, they:

[9.11/T-1-1] MUST allow the user to choose the Sleep timeout for transition from the unlocked to the locked state, with a minimum allowable timeout up to 15 seconds or less.

Television device implementations:

2.4. Watch Requirements

An Android Watch device refers to an Android device implementation intended to be worn on the body, perhaps on the wrist.

Android device implementations are classified as a Watch if they meet all the following criteria:

Have a screen with the physical diagonal length in the range from 1.1 to 2.5 inches.

Have a mechanism provided to be worn on the body.

The additional requirements in the rest of this section are specific to Android Watch device implementations.

2.4.1. Hardware

Watch device implementations:

[7.1.1.1/W-0-1] MUST have a screen with the physical diagonal size in the range from 1.1 to 2.5 inches.

[7.2.3/W-0-1] MUST have the Home function available to the user, and the Back function except for when it is in UI_MODE_TYPE_WATCH .

[7.2.4/W-0-1] MUST support touchscreen input.

[7.3.1/W-SR] Are STRONGLY RECOMMENDED to include a 3-axis accelerometer.

If Watch device implementations include a GPS/GNSS receiver and report the capability to applications through the android.hardware.location.gps feature flag, they:

[7.3.3/W-1-1] MUST report GNSS measurements, as soon as they are found, even if a location calculated from GPS/GNSS is not yet reported.

[7.3.3/W-1-2] MUST report GNSS pseudoranges and pseudorange rates, that, in open-sky conditions after determining the location, while stationary or moving with less than 0.2 meter per second squared of acceleration, are sufficient to calculate position within 20 meters, and speed within 0.2 meters per second, at least 95% of the time.

If Watch device implementations include a 3-axis gyroscope, they:

[7.3.4/W-2-1] MUST be capable of measuring orientation changes up to 1000 degrees per second.

Watch device implementations:

[7.4.3/W-0-1] MUST support Bluetooth.

[7.6.1/W-0-1] MUST have at least 1 GB of non-volatile storage available for application private data (a.k.a. "/data" partition).

[7.6.1/W-0-2] MUST have at least 416 MB memory available to the kernel and userspace.

[7.8.1/W-0-1] MUST include a microphone.

[7.8.2/W] MAY have audio output.

2.4.2. Multimedia

No additional requirements.

2.4.3. Software

Watch device implementations:

[3/W-0-1] MUST declare the feature android.hardware.type.watch .

. [3/W-0-2] MUST support uiMode = UI_MODE_TYPE_WATCH.

[3.2.3.1/W-0-1] MUST preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here.

Watch device implementations:

[3.8.4/W-SR] Are STRONGLY RECOMMENDED to implement an assistant on the device to handle the Assist action.

Watch device implementations that declare the android.hardware.audio.output feature flag:

[3.10/W-1-1] MUST support third-party accessibility services.

[3.10/W-SR] Are STRONGLY RECOMMENDED to preload accessibility services on the device comparable with or exceeding functionality of the Switch Access and TalkBack (for languages supported by the preinstalled Text-to-speech engine) accessibility services as provided in the talkback open source project.

If Watch device implementations report the feature android.hardware.audio.output, they:

[3.11/W-SR] Are STRONGLY RECOMMENDED to include a TTS engine supporting the languages available on the device.

[3.11/W-0-1] MUST support installation of third-party TTS engines.

2.4.4. Performance and Power

If Watch device implementations include features to improve device power management that are included in AOSP or extend the features that are included in AOSP, they:

[8.3/W-SR] Are STRONGLY RECOMMENDED to provide user affordance to display all apps that are exempted from App Standby and Doze power-saving modes.

[8.3/W-SR] Are STRONGLY RECOMMENDED to provide user affordance to enable and disable the battery saver feature.

Watch device implementations:

[8.4/W-0-1] MUST provide a per-component power profile that defines the current consumption value for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site.

[8.4/W-0-2] MUST report all power consumption values in milliampere hours (mAh).

[8.4/W-0-3] MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the uid_cputime kernel module implementation.

kernel module implementation. [8.4/W-0-4] MUST make this power usage available via the adb shell dumpsys batterystats shell command to the app developer.

shell command to the app developer. [8.4/W] SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application.

2.5. Automotive Requirements

Android Automotive implementation refers to a vehicle head unit running Android as an operating system for part or all of the system and/or infotainment functionality.

Android device implementations are classified as an Automotive if they declare the feature android.hardware.type.automotive or meet all the following criteria.

Are embedded as part of, or pluggable to, an automotive vehicle.

Are using a screen in the driver's seat row as the primary display.

The additional requirements in the rest of this section are specific to Android Automotive device implementations.

2.5.1. Hardware

Automotive device implementations:

[7.1.1.1/A-0-1] MUST have a screen at least 6 inches in physical diagonal size.

[7.1.1.1/A-0-2] MUST have a screen size layout of at least 750 dp x 480 dp.

[7.2.3/A-0-1] MUST provide the Home function and MAY provide Back and Recent functions.

[7.2.3/A-0-2] MUST send both the normal and long press event of the Back function ( KEYCODE_BACK ) to the foreground application.

) to the foreground application. [7.3/A-0-1] MUST implement and report GEAR_SELECTION , NIGHT_MODE , PERF_VEHICLE_SPEED and PARKING_BRAKE_ON .

, , and . [7.3/A-0-2] The value of the NIGHT_MODE flag MUST be consistent with dashboard day/night mode and SHOULD be based on ambient light sensor input. The underlying ambient light sensor MAY be the same as Photometer.

flag MUST be consistent with dashboard day/night mode and SHOULD be based on ambient light sensor input. The underlying ambient light sensor MAY be the same as Photometer. [7.3/A-0-3] MUST provide sensor additional info field TYPE_SENSOR_PLACEMENT as part of SensorAdditionalInfo for every sensor provided.

as part of SensorAdditionalInfo for every sensor provided. [7.3/A-0-1] MAY dead reckon Location by fusing GPS/GNSS with additional sensors. If Location is dead reckoned, it is STRONGLY RECOMMENDED to implement and report the corresponding Sensor types and/or Vehicle Property IDs used.

[7.3/A-0-2] The Location requested via LocationManager#requestLocationUpdates() MUST NOT be map matched.

If Automotive device implementations include a 3-axis accelerometer, they:

[7.3.1/A-1-1] MUST be able to report events up to a frequency of at least 100 Hz.

[7.3.1/A-1-2] MUST comply with the Android car sensor coordinate system.

If Automotive device implementations include a 3-axis gyroscope, they:

[7.3.4/A-2-1] MUST be able to report events up to a frequency of at least 100 Hz.

[7.3.4/A-2-2] MUST also implement the TYPE_GYROSCOPE_UNCALIBRATED sensor.

sensor. [7.3.4/A-2-3] MUST be capable of measuring orientation changes up to 250 degrees per second.

[7.3.4/A-SR] Are STRONGLY RECOMMENDED to configure the gyroscope’s measurement range to +/-250dps in order to maximize the resolution possible

If Automotive device implementations include a GPS/GNSS receiver, but do not include cellular network-based data connectivity, they:

[7.3.3/A-3-1] MUST determine location the very first time the GPS/GNSS receiver is turned on or after 4+ days within 60 seconds.

[7.3.3/A-3-2] MUST meet the time-to-first-fix criteria as described in 7.3.3/C-1-2 and 7.3.3/C-1-6 for all other location requests (i.e requests which are not the first time ever or after 4+ days). The requirement 7.3.3/C-1-2 is typically met in vehicles without cellular network-based data connectivity, by using GNSS orbit predictions calculated on the receiver, or using the last known vehicle location along with the ability to dead reckon for at least 60 seconds with a position accuracy satisfying 7.3.3/C-1-3, or a combination of both.

Automotive device implementations:

[7.4.3/A-0-1] MUST support Bluetooth and SHOULD support Bluetooth LE.

[7.4.3/A-0-2] Android Automotive implementations MUST support the following Bluetooth profiles: Phone calling over Hands-Free Profile (HFP). Media playback over Audio Distribution Profile (A2DP). Media playback control over Remote Control Profile (AVRCP). Contact sharing using the Phone Book Access Profile (PBAP).

[7.4.3/A-SR] Are STRONGLY RECOMMENDED to support Message Access Profile (MAP).

[7.4.5/A] SHOULD include support for cellular network-based data connectivity.

[7.4.5/A] MAY use the System API NetworkCapabilities#NET_CAPABILITY_OEM_PAID constant for networks that should be available to system apps.

An exterior view camera is a camera that images scenes outside of the device implementation, like a dashcam.

Automotive device implementations:

SHOULD include one or more exterior view cameras.

If Automotive device implementations include an exterior view camera, for such a camera, they:

[7.5/A-1-1] MUST NOT have exterior view cameras accessible via the Android Camera APIs, unless they comply with camera core requirements.

[7.5/A-SR] Are STRONGLY RECOMMENDED not to rotate or horizontally mirror the camera preview.

[7.5.5/A-SR] Are STRONGLY RECOMMENDED to be oriented so that the long dimension of the camera aligns with the horizon.

[7.5/A-SR] Are STRONGLY RECOMMENDED to have a resolution of at least 1.3 megapixels.

SHOULD have either fixed-focus or EDOF (extended depth of field) hardware.

SHOULD support Android Synchronization Framework.

MAY have either hardware auto-focus or software auto-focus implemented in the camera driver.

Automotive device implementations:

[7.6.1/A-0-1] MUST have at least 4 GB of non-volatile storage available for application private data (a.k.a. "/data" partition).

[7.6.1/A] SHOULD format the data partition to offer improved performance and longevity on flash storage, for example using f2fs file-system.

If Automotive device implementations provide shared external storage via a portion of the internal non-removable storage, they:

[7.6.1/A-SR] Are STRONGLY RECOMMENDED to reduce I/O overhead on operations performed on the external storage, for example by using SDCardFS .

If Automotive device implementations are 32-bit:

[7.6.1/A-1-1] The memory available to the kernel and userspace MUST be at least 512MB if any of the following densities are used: 280dpi or lower on small/normal screens ldpi or lower on extra large screens mdpi or lower on large screens

[7.6.1/A-1-2] The memory available to the kernel and userspace MUST be at least 608MB if any of the following densities are used: xhdpi or higher on small/normal screens hdpi or higher on large screens mdpi or higher on extra large screens

[7.6.1/A-1-3] The memory available to the kernel and userspace MUST be at least 896MB if any of the following densities are used: 400dpi or higher on small/normal screens xhdpi or higher on large screens tvdpi or higher on extra large screens

[7.6.1/A-1-4] The memory available to the kernel and userspace MUST be at least 1344MB if any of the following densities are used: 560dpi or higher on small/normal screens 400dpi or higher on large screens xhdpi or higher on extra large screens



If Automotive device implementations are 64-bit:

[7.6.1/A-2-1] The memory available to the kernel and userspace MUST be at least 816MB if any of the following densities are used: 280dpi or lower on small/normal screens ldpi or lower on extra large screens mdpi or lower on large screens

[7.6.1/A-2-2] The memory available to the kernel and userspace MUST be at least 944MB if any of the following densities are used: xhdpi or higher on small/normal screens hdpi or higher on large screens mdpi or higher on extra large screens

[7.6.1/A-2-3] The memory available to the kernel and userspace MUST be at least 1280MB if any of the following densities are used: 400dpi or higher on small/normal screens xhdpi or higher on large screens tvdpi or higher on extra large screens

[7.6.1/A-2-4] The memory available to the kernel and userspace MUST be at least 1824MB if any of the following densities are used: 560dpi or higher on small/normal screens 400dpi or higher on large screens xhdpi or higher on extra large screens



Note that the "memory available to the kernel and userspace" above refers to the memory space provided in addition to any memory already dedicated to hardware components such as radio, video, and so on that are not under the kernel’s control on device implementations.

Automotive device implementations:

[7.7.1/A] SHOULD include a USB port supporting peripheral mode.

Automotive device implementations:

[7.8.1/A-0-1] MUST include a microphone.

Automotive device implementations:

[7.8.2/A-0-1] MUST have an audio output and declare android.hardware.audio.output .

2.5.2. Multimedia

Automotive device implementations MUST support the following audio encoding and decoding formats and make them available to third-party applications:

[5.1/A-0-1] MPEG-4 AAC Profile (AAC LC)

[5.1/A-0-2] MPEG-4 HE AAC Profile (AAC+)

[5.1/A-0-3] AAC ELD (enhanced low delay AAC)

Automotive device implementations MUST support the following video encoding formats and make them available to third-party applications:

Automotive device implementations MUST support the following video decoding formats and make them available to third-party applications:

Automotive device implementations are STRONGLY RECOMMENDED to support the following video decoding:

2.5.3. Software

Automotive device implementations:

[3/A-0-1] MUST declare the feature android.hardware.type.automotive .

[3/A-0-2] MUST support uiMode = UI_MODE_TYPE_CAR .

[3/A-0-3] MUST support all public APIs in the android.car.* namespace.

If Automotive device implementations provide a proprietary API using android.car.CarPropertyManager with android.car.VehiclePropertyIds , they:

[3/A-1-1] MUST NOT attach special privileges to system application's use of these properties, or prevent third-party applications from using these properties.

[3/A-1-2] MUST NOT replicate a vehicle property that already exists in the SDK.

Automotive device implementations:

[3.2.1/A-0-1] MUST support and enforce all permissions constants as documented by the Automotive Permission reference page.

[3.2.3.1/A-0-1] MUST preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here.

[3.4.1/A-0-1] MUST provide a complete implementation of the android.webkit.Webview API.

[3.8.3/A-0-1] MUST display notifications that use the Notification.CarExtender API when requested by third-party applications.

[3.8.4/A-SR] Are Strongly Recommended to implement an assistant on the device to handle the Assist action.

If Automotive device implementations include a push-to-talk button, they:

[3.8.4/A-1-1] MUST use a short press of the push-to-talk button as the designated interaction to launch the user-selected assist app, in other words the app that implements VoiceInteractionService .

Automotive device implementations:

[3.8.3.1/A-0-1] MUST correctly render resources as described in the Notifications on Automotive OS SDK documentation.

SDK documentation. [3.8.3.1/A-0-2] MUST display PLAY and MUTE for notification actions in the place of those provided through Notification.Builder.addAction()

[3.8.3.1/A] SHOULD restrict the use of rich management tasks such as per-notification-channel controls. MAY use UI affordance per application to reduce controls.

Automotive device implementations:

[3.14/A-0-1] MUST include a UI framework to support third-party apps using the media APIs as described in section 3.14.

[3.14/A-0-2] MUST allow the user to safely interact with Media Applications while driving.

[3.14/A-0-3] MUST support the CAR_INTENT_ACTION_MEDIA_TEMPLATE implicit Intent action with the CAR_EXTRA_MEDIA_PACKAGE extra.

implicit Intent action with the extra. [3.14/A-0-4] MUST provide an affordance to navigate into a Media Application’s preference activity, but MUST only enable it when Car UX Restrictions are not in effect.

[3.14/A-0-5] MUST display error messages set by Media Applications, and MUST support the optional extras ERROR_RESOLUTION_ACTION_LABEL and ERROR_RESOLUTION_ACTION_INTENT .

and . [3.14/A-0-6] MUST support an in-app search affordance for apps that support searching.

[3.14/A-0-7] MUST respect CONTENT_STYLE_BROWSABLE_HINT and CONTENT_STYLE_PLAYABLE_HINT definitions when displaying the MediaBrowser hierarchy.

If Automotive device implementations include a default launcher app, they:

[3.14/A-1-1] MUST include media services and open them with the CAR_INTENT_ACTION_MEDIA_TEMPLATE intent.

Automotive device implementations:

[3.8/A] MAY restrict the application requests to enter a full screen mode as described in immersive documentation .

. [3.8/A] MAY keep the status bar and the navigation bar visible at all times.

[3.8/A] MAY restrict the application requests to change the colors behind the system UI elements, to ensure those elements are clearly visible at all times.

2.5.4. Performance and Power

Automotive device implementations:

[8.2/A-0-1] MUST report the number of bytes read and written to non-volatile storage per each process's UID so the stats are available to developers through System API android.car.storagemonitoring.CarStorageMonitoringManager . The Android Open Source Project meets the requirement through the uid_sys_stats kernel module.

. The Android Open Source Project meets the requirement through the kernel module. [8.3/A-1-3] MUST support Garage Mode.

[8.3/A] SHOULD be in Garage Mode for at least 15 minutes after every drive unless: The battery is drained. No idle jobs are scheduled. The driver exits Garage Mode.

[8.4/A-0-1] MUST provide a per-component power profile that defines the current consumption value for each hardware component and the approximate battery drain caused by the components over time as documented in the Android Open Source Project site.

[8.4/A-0-2] MUST report all power consumption values in milliampere hours (mAh).

[8.4/A-0-3] MUST report CPU power consumption per each process's UID. The Android Open Source Project meets the requirement through the uid_cputime kernel module implementation.

kernel module implementation. [8.4/A] SHOULD be attributed to the hardware component itself if unable to attribute hardware component power usage to an application.

[8.4/A-0-4] MUST make this power usage available via the adb shell dumpsys batterystats shell command to the app developer.

2.5.5. Security Model

If Automotive device implementations support multiple users, they:

Automotive device implementations:

[9.11/A-0-1] MUST back up the keystore implementation with an isolated execution environment.

[9.11/A-0-2] MUST have implementations of RSA, AES, ECDSA and HMAC cryptographic algorithms and MD5, SHA1, and SHA-2 family hash functions to properly support the Android Keystore system's supported algorithms in an area that is securely isolated from the code running on the kernel and above. Secure isolation MUST block all potential mechanisms by which kernel or userspace code might access the internal state of the isolated environment, including DMA. The upstream Android Open Source Project (AOSP) meets this requirement by using the Trusty implementation, but another ARM TrustZone-based solution or a third-party reviewed secure implementation of a proper hypervisor-based isolation are alternative options.

[9.11/A-0-3] MUST perform the lock screen authentication in the isolated execution environment and only when successful, allow the authentication-bound keys to be used. Lock screen credentials MUST be stored in a way that allows only the isolated execution environment to perform lock screen authentication. The upstream Android Open Source Project provides the Gatekeeper Hardware Abstraction Layer (HAL) and Trusty, which can be used to satisfy this requirement.

[9.11/A-0-4] MUST support key attestation where the attestation signing key is protected by secure hardware and signing is performed in secure hardware. The attestation signing keys MUST be shared across large enough number of devices to prevent the keys from being used as device identifiers. One way of meeting this requirement is to share the same attestation key unless at least 100,000 units of a given SKU are produced. If more than 100,000 units of an SKU are produced, a different key MAY be used for each 100,000 units.

Note that if a device implementation is already launched on an earlier Android version, such a device is exempted from the requirement to have a keystore backed by an isolated execution environment and support the key attestation, unless it declares the android.hardware.fingerprint feature which requires a keystore backed by an isolated execution environment.

Automotive device implementations:

[9.14/A-0-1] MUST gatekeep messages from Android framework vehicle subsystems, e.g., whitelisting permitted message types and message sources.

[9.14/A-0-2] MUST watchdog against denial of service attacks from the Android framework or third-party apps. This guards against malicious software flooding the vehicle network with traffic, which may lead to malfunctioning vehicle subsystems.

Automotive device implementations:

2.6. Tablet Requirements

An Android Tablet device refers to an Android device implementation that typically meets all the following criteria:

Used by holding in both hands.

Does not have a clamshell or convertible configuration.

Physical keyboard implementations used with the device connect by means of a standard connection (e.g. USB, Bluetooth).

Has a power source that provides mobility, such as a battery.

Tablet device implementations have similar requirements to handheld device implementations. The exceptions are indicated by an * in that section and noted for reference in this section.

2.6.1. Hardware

Screen Size

[7.1.1.1/Tab-0-1] MUST have a screen in the range of 7 to 18 inches.

Gyroscope

If Tablet device implementations include a 3-axis gyroscope, they:

[7.3.4/Tab-1-1] MUST be capable of measuring orientation changes up to 1000 degrees per second.

Minimum Memory and Storage (Section 7.6.1)

The screen densities listed for small/normal screens in the handheld requirements are not applicable to tablets.

USB peripheral mode (Section 7.7.1)

If tablet device implementations include a USB port supporting peripheral mode, they:

[7.7.1/Tab] MAY implement the Android Open Accessory (AOA) API.

Virtual Reality Mode (Section 7.9.1)

Virtual Reality High Performance (Section 7.9.2)

Virtual reality requirements are not applicable to tablets.

Keys and Credentials (Section 9.11)

Refer to Section [9.11].

2.6.2. Software

[3.2.3.1/Tab-0-1] MUST preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here.

3. Software

3.1. Managed API Compatibility

The managed Dalvik bytecode execution environment is the primary vehicle for Android applications. The Android application programming interface (API) is the set of Android platform interfaces exposed to applications running in the managed runtime environment.

Device implementations:

[C-0-1] MUST provide complete implementations, including all documented behaviors, of any documented API exposed by the Android SDK or any API decorated with the “@SystemApi” marker in the upstream Android source code.

[C-0-2] MUST support/preserve all classes, methods, and associated elements marked by the TestApi annotation (@TestApi).

[C-0-3] MUST NOT omit any managed APIs, alter API interfaces or signatures, deviate from the documented behavior, or include no-ops, except where specifically allowed by this Compatibility Definition.

[C-0-4] MUST still keep the APIs present and behave in a reasonable way, even when some hardware features for which Android includes APIs are omitted. See section 7 for specific requirements for this scenario.

[C-0-5] MUST NOT allow third-party apps to use non-SDK interfaces, which are defined as methods and fields in the Java language packages that are in the boot classpath in AOSP, and that do not form part of the public SDK. This includes APIs decorated with the @hide annotation but not with a @SystemAPI , as described in the SDK documents and private and package-private class members.

[C-0-6] MUST ship with each and every non-SDK interface on the same restricted lists as provided via the greylist , greylist-max-o , greylist-max-p , and blacklist flags in prebuilts/runtime/appcompat/hiddenapi-flags.csv path for the appropriate API level branch in the AOSP.

[C-0-7] MUST support the signed config dynamic update mechanism to remove non-SDK interfaces from a restricted list by embedding signed configuration in any APK, using the existing public keys present in AOSP. However they: MAY, if a hidden API is absent or implemented differently on the device implementation, move the hidden API into the blacklist or omit it from all restricted lists (i.e. light-grey, dark-grey, black). MAY, if a hidden API does not already exist in the AOSP, add the hidden API to any of the restricted lists (i.e. light-grey, dark-grey, black).



3.1.1. Android Extensions

Android supports extending the managed API surface of a particular API level by updating the extension version for that API level. The android.os.ext.SdkExtensions.getExtensionVersion(int apiLevel) API returns the extension version of the provided apiLevel , if there are extensions for that API level.

Android device implementations:

[C-0-1] MUST preload the AOSP implementation of both the shared library ExtShared and services ExtServices with versions greater than or equal to the minimum versions allowed per each API level. For example, Android 7.0 device implementations, running API level 24 MUST include at least version 1.

[C-0-2] MUST only return valid extension version number that have been defined by the AOSP.

[C-0-3] MUST support all the APIs defined by the extension versions returned by android.os.ext.SdkExtensions.getExtensionVersion(int apiLevel) in the same manner as other managed APIs are supported, following the requirements in section 3.1.

3.1.2. Android Library

Due to Apache HTTP client deprecation, device implementations:

[C-0-1] MUST NOT place the org.apache.http.legacy library in the bootclasspath.

library in the bootclasspath. [C-0-2] MUST add the org.apache.http.legacy library to the application classpath only when the app satisfies one of the following conditions: Targets API level 28 or lower. Declares in its manifest that it needs the library by setting the android:name attribute of <uses-library> to org.apache.http.legacy .

library to the application classpath only when the app satisfies one of the following conditions:

The AOSP implementation meets these requirements.

3.2. Soft API Compatibility

In addition to the managed APIs from section 3.1, Android also includes a significant runtime-only “soft” API, in the form of such things as intents, permissions, and similar aspects of Android applications that cannot be enforced at application compile time.

3.2.1. Permissions

[C-0-1] Device implementers MUST support and enforce all permission constants as documented by the Permission reference page. Note that section 9 lists additional requirements related to the Android security model.

3.2.2. Build Parameters

The Android APIs include a number of constants on the android.os.Build class that are intended to describe the current device.

[C-0-1] To provide consistent, meaningful values across device implementations, the table below includes additional restrictions on the formats of these values to which device implementations MUST conform.

Parameter Details VERSION.RELEASE The version of the currently-executing Android system, in human-readable format. This field MUST have one of the string values defined in 11. VERSION.SDK The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 11, this field MUST have the integer value 11_INT. VERSION.SDK_INT The version of the currently-executing Android system, in a format accessible to third-party application code. For Android 11, this field MUST have the integer value 11_INT. VERSION.INCREMENTAL A value chosen by the device implementer designating the specific build of the currently-executing Android system, in human-readable format. This value MUST NOT be reused for different builds made available to end users. A typical use of this field is to indicate which build number or source-control change identifier was used to generate the build. The value of this field MUST be encodable as printable 7-bit ASCII and match the regular expression “^[^ :\/~]+$”. BOARD A value chosen by the device implementer identifying the specific internal hardware used by the device, in human-readable format. A possible use of this field is to indicate the specific revision of the board powering the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. BRAND A value reflecting the brand name associated with the device as known to the end users. MUST be in human-readable format and SHOULD represent the manufacturer of the device or the company brand under which the device is marketed. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. SUPPORTED_ABIS The name of the instruction set (CPU type + ABI convention) of native code. See section 3.3. Native API Compatibility. SUPPORTED_32_BIT_ABIS The name of the instruction set (CPU type + ABI convention) of native code. See section 3.3. Native API Compatibility. SUPPORTED_64_BIT_ABIS The name of the second instruction set (CPU type + ABI convention) of native code. See section 3.3. Native API Compatibility. CPU_ABI The name of the instruction set (CPU type + ABI convention) of native code. See section 3.3. Native API Compatibility. CPU_ABI2 The name of the second instruction set (CPU type + ABI convention) of native code. See section 3.3. Native API Compatibility. DEVICE A value chosen by the device implementer containing the development name or code name identifying the configuration of the hardware features and industrial design of the device. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This device name MUST NOT change during the lifetime of the product. FINGERPRINT A string that uniquely identifies this build. It SHOULD be reasonably human-readable. It MUST follow this template: $(BRAND)/$(PRODUCT)/

$(DEVICE):$(VERSION.RELEASE)/$(ID)/$(VERSION.INCREMENTAL):$(TYPE)/$(TAGS) For example: acme/myproduct/

mydevice:11/LMYXX/3359:userdebug/test-keys The fingerprint MUST NOT include whitespace characters. The value of this field MUST be encodable as 7-bit ASCII. HARDWARE The name of the hardware (from the kernel command line or /proc). It SHOULD be reasonably human-readable. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. HOST A string that uniquely identifies the host the build was built on, in human-readable format. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). ID An identifier chosen by the device implementer to refer to a specific release, in human-readable format. This field can be the same as android.os.Build.VERSION.INCREMENTAL, but SHOULD be a value sufficiently meaningful for end users to distinguish between software builds. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-]+$”. MANUFACTURER The trade name of the Original Equipment Manufacturer (OEM) of the product. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). This field MUST NOT change during the lifetime of the product. MODEL A value chosen by the device implementer containing the name of the device as known to the end user. This SHOULD be the same name under which the device is marketed and sold to end users. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). This field MUST NOT change during the lifetime of the product. PRODUCT A value chosen by the device implementer containing the development name or code name of the specific product (SKU) that MUST be unique within the same brand. MUST be human-readable, but is not necessarily intended for view by end users. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9_-]+$”. This product name MUST NOT change during the lifetime of the product. SERIAL MUST return "UNKNOWN". TAGS A comma-separated list of tags chosen by the device implementer that further distinguishes the build. The tags MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-]+” and MUST have one of the values corresponding to the three typical Android platform signing configurations: release-keys, dev-keys, and test-keys. TIME A value representing the timestamp of when the build occurred. TYPE A value chosen by the device implementer specifying the runtime configuration of the build. This field MUST have one of the values corresponding to the three typical Android runtime configurations: user, userdebug, or eng. USER A name or user ID of the user (or automated user) that generated the build. There are no requirements on the specific format of this field, except that it MUST NOT be null or the empty string (""). SECURITY_PATCH A value indicating the security patch level of a build. It MUST signify that the build is not in any way vulnerable to any of the issues described up through the designated Android Public Security Bulletin. It MUST be in the format [YYYY-MM-DD], matching a defined string documented in the Android Public Security Bulletin or in the Android Security Advisory, for example "2015-11-01". BASE_OS A value representing the FINGERPRINT parameter of the build that is otherwise identical to this build except for the patches provided in the Android Public Security Bulletin. It MUST report the correct value and if such a build does not exist, report an empty string (""). BOOTLOADER A value chosen by the device implementer identifying the specific internal bootloader version used in the device, in human-readable format. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-]+$”. getRadioVersion() MUST (be or return) a value chosen by the device implementer identifying the specific internal radio/modem version used in the device, in human-readable format. If a device does not have any internal radio/modem it MUST return NULL. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-,]+$”. getSerial() MUST (be or return) a hardware serial number, which MUST be available and unique across devices with the same MODEL and MANUFACTURER. The value of this field MUST be encodable as 7-bit ASCII and match the regular expression “^[a-zA-Z0-9._-,]+$”.

3.2.3. Intent Compatibility

3.2.3.1. Common Application Intents

Android intents allow application components to request functionality from other Android components. The Android upstream project includes a list of applications which implement several intent patterns to perform common actions.

Device implementations:

[C-SR] Are STRONGLY RECOMMENDED to preload one or more applications or service components with an intent handler, for all the public intent filter patterns defined by the following application intents listed here and provide fulfillment i.e meet with the developer expectation for these common application intents as described in the SDK.

Please refer to Section 2 for mandatory application intents for each device type.

3.2.3.2. Intent Resolution

[C-0-1] As Android is an extensible platform, device implementations MUST allow each intent pattern referenced in section 3.2.3.1 , except for Settings, to be overridden by third-party applications. The upstream Android open source implementation allows this by default.

[C-0-2] Device implementers MUST NOT attach special privileges to system applications' use of these intent patterns, or prevent third-party applications from binding to and assuming control of these patterns. This prohibition specifically includes but is not limited to disabling the “Chooser” user interface that allows the user to select between multiple applications that all handle the same intent pattern.

[C-0-3] Device implementations MUST provide a user interface for users to modify the default activity for intents.

However, device implementations MAY provide default activities for specific URI patterns (e.g. http://play.google.com) when the default activity provides a more specific attribute for the data URI. For example, an intent filter pattern specifying the data URI “http://www.android.com” is more specific than the browser's core intent pattern for “http://”.

Android also includes a mechanism for third-party apps to declare an authoritative default app linking behavior for certain types of web URI intents. When such authoritative declarations are defined in an app's intent filter patterns, device implementations:

[C-0-4] MUST attempt to validate any intent filters by performing the validation steps defined in the Digital Asset Links specification as implemented by the Package Manager in the upstream Android Open Source Project.

[C-0-5] MUST attempt validation of the intent filters during the installation of the application and set all successfully validated URI intent filters as default app handlers for their URIs.

MAY set specific URI intent filters as default app handlers for their URIs, if they are successfully verified but other candidate URI filters fail verification. If a device implementation does this, it MUST provide the user appropriate per-URI pattern overrides in the settings menu.

MUST provide the user with per-app App Links controls in Settings as follows: [C-0-6] The user MUST be able to override holistically the default app links behavior for an app to be: always open, always ask, or never open, which must apply to all candidate URI intent filters equally. [C-0-7] The user MUST be able to see a list of the candidate URI intent filters. The device implementation MAY provide the user with the ability to override specific candidate URI intent filters that were successfully verified, on a per-intent filter basis. [C-0-8] The device implementation MUST provide users with the ability to view and override specific candidate URI intent filters if the device implementation lets some candidate URI intent filters succeed verification while some others can fail.



3.2.3.3. Intent Namespaces

[C-0-1] Device implementations MUST NOT include any Android component that honors any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in the android. or com.android. namespace.

[C-0-2] Device implementers MUST NOT include any Android components that honor any new intent or broadcast intent patterns using an ACTION, CATEGORY, or other key string in a package space belonging to another organization.

[C-0-3] Device implementers MUST NOT alter or extend any of the intent patterns listed in section 3.2.3.1.

Device implementations MAY include intent patterns using namespaces clearly and obviously associated with their own organization. This prohibition is analogous to that specified for Java language classes in section 3.6.

3.2.3.4. Broadcast Intents

Third-party applications rely on the platform to broadcast certain intents to notify them of changes in the hardware or software environment.

Device implementations:

[C-0-1] MUST broadcast the public broadcast intents listed here in response to appropriate system events as described in the SDK documentation. Note that this requirement is not conflicting with section 3.5 as the limitation for background applications are also described in the SDK documentation. Also certain broadcast intents are conditional upon hardware support, if the device supports the necessary hardware they MUST broadcast the intents and provide the behavior inline with SDK documentation.

3.2.3.5. Conditional Application Intents

Android includes settings that provide users an easy way to select their default applications, for example for Home screen or SMS.

Where it makes sense, device implementations MUST provide a similar settings menu and be compatible with the intent filter pattern and API methods described in the SDK documentation as below.

If device implementations report android.software.home_screen , they:

[C-1-1] MUST honor the android.settings.HOME_SETTINGS intent to show a default app settings menu for Home Screen.

If device implementations report android.hardware.telephony , they:

[C-2-1] MUST provide a settings menu that will call the android.provider.Telephony.ACTION_CHANGE_DEFAULT intent to show a dialog to change the default SMS application.

[C-2-2] MUST honor the android.telecom.action.CHANGE_DEFAULT_DIALER intent to show a dialog to allow the user to change the default Phone application. MUST use the user-selected default Phone app's UI for incoming and outgoing calls except for emergency calls, which would use the preinstalled Phone app.

[C-2-3] MUST honor the android.telecom.action.CHANGE_PHONE_ACCOUNTS intent to provide user affordance to configure the ConnectionServices associated with the PhoneAccounts , as well as a default PhoneAccount that the telecommunications service provider will use to place outgoing calls. The AOSP implementation meets this requirement by including a "Calling Accounts option" menu within the "Calls" settings menu.

[C-2-4] MUST allow android.telecom.CallRedirectionService for an app that holds the android.app.role.CALL_REDIRECTION role.

[C-2-5] MUST provide the user affordance to choose an app that holds the android.app.role.CALL_REDIRECTION role.

role. [C-2-6] MUST honor the android.intent.action.SENDTO and android.intent.action.VIEW intents and provide an activity to send/display SMS messages.

[C-SR] Are Strongly Recommended to honor android.intent.action.ANSWER, android.intent.action.CALL, android.intent.action.CALL_BUTTON, android.intent.action.VIEW & android.intent.action.DIAL intents with a preloaded dialer application which can handle these intents and provide fulfillment as described in the SDK.

If device implementations report android.hardware.nfc.hce , they:

[C-3-1] MUST honor the android.settings.NFC_PAYMENT_SETTINGS intent to show a default app settings menu for Tap and Pay.

[C-3-2] MUST honor android.nfc.cardemulation.action.ACTION_CHANGE_DEFAULT intent to show an activity which opens a dialog to ask the user to change the default card emulation service for a certain category as described in the SDK.

If device implementations report android.hardware.nfc , they:

[C-4-1] MUST honor these intents android.nfc.action.NDEF_DISCOVERED, android.nfc.action.TAG_DISCOVERED & android.nfc.action.TECH_DISCOVERED, to show an activity which fulfills developer expectations for these intents as described in the SDK.

If device implementations support the VoiceInteractionService and have more than one application using this API installed at a time, they:

[C-4-1] MUST honor the android.settings.ACTION_VOICE_INPUT_SETTINGS intent to show a default app settings menu for voice input and assist.

If device implementations report android.hardware.bluetooth , they:

[C-5-1] MUST honor the ‘android.bluetooth.adapter.action.REQUEST_ENABLE’ intent and show a system activity to allow the user to turn on Bluetooth.

[C-5-2] MUST honor the ‘android.bluetooth.adapter.action.REQUEST_DISCOVERABLE’ intent and show a system activity that requests discoverable mode.

If device implementations support the DND feature, they:

[C-6-1] MUST implement an activity that would respond to the intent ACTION_NOTIFICATION_POLICY_ACCESS_SETTINGS , which for implementations with UI_MODE_TYPE_NORMAL it MUST be an activity where the user can grant or deny the app access to DND policy configurations.

If device implementations allow users to use third-party input methods on the device, they:

[C-7-1] MUST provide a user-accessible mechanism to add and configure third-party input methods in response to the android.settings.INPUT_METHOD_SETTINGS intent.

If device implementations support third-party accessibility services, they:

[C-8-1] MUST honor the android.settings.ACCESSIBILITY_SETTINGS intent to provide a user-accessible mechanism to enable and disable the third-party accessibility services alongside the preloaded accessibility services.

If device implementations include support for Wi-Fi Easy Connect and expose the functionality to third-party apps, they:

[C-9-1] MUST implement the Settings#ACTION_PROCESS_WIFI_EASY_CONNECT_URI Intent APIs as described in the SDK documentation.

If device implementations provide the data saver mode, they: * [C-10-1] MUST provide a user interface in the settings, that handles the Settings.ACTION_IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS intent, allowing users to add applications to or remove applications from the allow list.

If device implementations do not provide the data saver mode, they:

[C-11-1] MUST have an activity that handles the Settings.ACTION_IGNORE_BACKGROUND_DATA_RESTRICTIONS_SETTINGS intent but MAY implement it as a no-op.

If device implementations declare the support for camera via android.hardware.camera.any they:

[C-12-1] MUST honor the android.media.action.STILL_IMAGE_CAMERA and android.media.action.STILL_IMAGE_CAMERA_SECURE intent and launch the camera in still image mode as described in the SDK.

and intent and launch the camera in still image mode as described in the SDK. [C-12-2] MUST honor the android.media.action.VIDEO_CAMERA intent to launch the camera in video mode as described in the SDK.

intent to launch the camera in video mode as described in the SDK. [C-12-3] MUST honor and only allow preinstalled Android applications to handle the following intents MediaStore.ACTION_IMAGE_CAPTURE , MediaStore.ACTION_IMAGE_CAPTURE_SECURE , and MediaStore.ACTION_VIDEO_CAPTURE as described in the SDK document.

If device implementations report android.software.device_admin , they:

[C-13-1] MUST honor the intent android.app.action.ADD_DEVICE_ADMIN to invoke a UI to bring the user through adding the device administrator to the system (or allowing them to reject it).

[C-13-2] MUST honor the intents android.app.action.ADMIN_POLICY_COMPLIANCE, android.app.action.GET_PROVISIONING_MODE, android.app.action.PROVISIONING_SUCCESSFUL, android.app.action.PROVISION_MANAGED_DEVICE, android.app.action.PROVISION_MANAGED_PROFILE, android.app.action.SET_NEW_PARENT_PROFILE_PASSWORD, android.app.action.SET_NEW_PASSWORD & android.app.action.START_ENCRYPTION and have an activity to provide fulfillment for these intents as described in SDK here.

If device implementations declare the android.software.autofill feature flag, they:

[C-14-1] MUST fully implement the AutofillService and AutofillManager APIs and honor the android.settings.REQUEST_SET_AUTOFILL_SERVICE intent to show a default app settings menu to enable and disable autofill and change the default autofill service for the user.

If device implementations include a pre-installed app or wish to allow third-party apps to access the usage statistics, they:

[C-SR] are STRONGLY RECOMMENDED provide user-accessible mechanism to grant or revoke access to the usage stats in response to the android.settings.ACTION_USAGE_ACCESS_SETTINGS intent for apps that declare the android.permission.PACKAGE_USAGE_STATS permission.

If device implementations intend to disallow any apps, including pre-installed apps, from accessing the usage statistics, they:

[C-15-1] MUST still have an activity that handles the android.settings.ACTION_USAGE_ACCESS_SETTINGS intent pattern but MUST implement it as a no-op, that is to have an equivalent behavior as when the user is declined for access.

If device implementations report the feature android.hardware.audio.output , they:

[C-SR] Are Strongly Recommended to honor android.intent.action.TTS_SERVICE, android.speech.tts.engine.INSTALL_TTS_DATA & android.speech.tts.engine.GET_SAMPLE_TEXT intents have an activity to provide fulfillment for these intents as described in SDK here.

Android includes support for interactive screensavers, previously referred to as Dreams. Screen Savers allow users to interact with applications when a device connected to a power source is idle or docked in a desk dock. Device Implementations:

SHOULD include support for screen savers and provide a settings option for users to configure screen savers in response to the android.settings.DREAM_SETTINGS intent.

3.2.4. Activities on secondary/multiple displays

If device implementations allow launching normal Android Activities on more than one display, they:

[C-1-1] MUST set the android.software.activities_on_secondary_displays feature flag.

feature flag. [C-1-2] MUST guarantee API compatibility similar to an activity running on the primary display.

[C-1-3] MUST land the new activity on the same display as the activity that launched it, when the new activity is launched without specifying a target display via the ActivityOptions.setLaunchDisplayId() API.

API. [C-1-4] MUST destroy all activities, when a display with the Display.FLAG_PRIVATE flag is removed.

flag is removed. [C-1-5] MUST securely hide content on all screens when the device is locked with a secure lock screen, unless the app opts in to show on top of lock screen using Activity#setShowWhenLocked() API.

API. SHOULD have android.content.res.Configuration which corresponds to that display in order to be displayed, operate correctly, and maintain compatibility if an activity is launched on secondary display.

If device implementations allow launching normal Android Activities on secondary displays and a secondary display has the android.view.Display.FLAG_PRIVATE flag:

[C-3-1] Only the owner of that display, system, and activities that are already on that display MUST be able to launch to it. Everyone can launch to a display that has android.view.Display.FLAG_PUBLIC flag.

3.3. Native API Compatibility

Native code compatibility is challenging. For this reason, device implementers are:

[SR] STRONGLY RECOMMENDED to use the implementations of the libraries listed below from the upstream Android Open Source Project.

3.3.1. Application Binary Interfaces

Managed Dalvik bytecode can call into native code provided in the application .apk file as an ELF .so file compiled for the appropriate device hardware architecture. As native code is highly dependent on the underlying processor technology, Android defines a number of Application Binary Interfaces (ABIs) in the Android NDK.

Device implementations:

[C-0-1] MUST be compatible with one or more defined ABIs and implement compatibility with the Android NDK.

[C-0-2] MUST include support for code running in the managed environment to call into native code, using the standard Java Native Interface (JNI) semantics.

[C-0-3] MUST be source-compatible (i.e. header-compatible) and binary-compatible (for the ABI) with each required library in the list below.

[C-0-5] MUST accurately report the native Application Binary Interface (ABI) supported by the device, via the android.os.Build.SUPPORTED_ABIS , android.os.Build.SUPPORTED_32_BIT_ABIS , and android.os.Build.SUPPORTED_64_BIT_ABIS parameters, each a comma separated list of ABIs ordered from the most to the least preferred one.

, , and parameters, each a comma separated list of ABIs ordered from the most to the least preferred one. [C-0-6] MUST report, via the above parameters, a subset of the following list of ABIs and MUST NOT report any ABI not on the list. armeabi armeabi-v7a arm64-v8a x86 x86-64 [C-0-7] MUST make all the following libraries, providing native APIs, available to apps that include native code: libaaudio.so (AAudio native audio support) libamidi.so (native MIDI support, if feature android.software.midi is claimed as described in Section 5.9) libandroid.so (native Android activity support) libc (C library) libcamera2ndk.so libdl (dynamic linker) libEGL.so (native OpenGL surface management) libGLESv1_CM.so (OpenGL ES 1.x) libGLESv2.so (OpenGL ES 2.0) libGLESv3.so (OpenGL ES 3.x) libicui18n.so libicuuc.so libjnigraphics.so liblog (Android logging) libmediandk.so (native media APIs support) libm (math library) libneuralnetworks.so (Neural Networks API) libOpenMAXAL.