Android is known for packing in loads of features, so much so that most users don’t even know their phones have a specific feature. A lot of these features revolve around connectivity or specific sensors in your phone.
In this article, we’re talking about Beaming Service, otherwise known as Android Beam.
What is Android Beam?
Much like Bluetooth and WiFi Direct, Android Beam is a data transfer feature that relies on NFC instead.
Now NFC (Near Field Communication) is generally used to make contactless payments or program NFC tags to trigger a specific action. Still, it can also transfer data such as images, files, documents, music, videos or even entire apps.
The Beaming Service on your phone refers to the system process that controls the Android Beam feature and facilitates connection and data transfer between devices.
While this does sound like a viable alternative to Bluetooth or WiFi Direct, it does come with some serious security implications.
Also read: What is an NFC attack? How does it work and 3 preventive measures
Vulnerabilties in Android Beam
Back in October 2019, Google patched a bug that allowed hackers to spread malware using Android Beam. The fix came after a security researcher called Y. Shafranovich discovered that the apps sent using the feature does not show any specific prompts and are installed by tapping the data transfer notification.
Usually, when we install apps using another app (the Play Store, for example), Android asks for permission letting the user decide whether or not they want to allow that specific app to install other apps or not. Android 8 and later versions wouldn’t show this prompt, installing the transferred app with a single tap instead.
Until Android 8, the installing app from unknown sources setting was a universal toggle. Afterwards, Google redesigned this system to work on a per-app basis, allowing users to maintain a safelist of apps that could install other apps. As you can guess, Android’s Beaming Service was one of the default safe listed apps.
However, the October 2019 Android security patch removed it from the list of Safelisted apps. So if you’ve got an up to date Android device, you don’t have to worry about this problem. However, we do suggest not transferring apps over Android Beam still.
Also read: What is App Stack on Android?