Google says 80% of all Android apps encrypt network traffic by default

Google says 80% of all Android apps encrypt network traffic by default

We may earn a commission for purchases made using our links.

Security is a big concern on mobile devices and Google is committed to keeping Android users safe. One of the methods Google uses to keep data safe is protecting network traffic that enters or leaves an Android device with something called “Transport Layer Security” (TLS). Android 10 added support for TLS 1.3 and Google is now announcing that 80% of Android apps are encrypting traffic by default.

The number is even higher for Android 9+ devices, with 90% encrypting traffic by default. Since November 1st, all Android app updates must target Android 9 or above. This means the percentage should only continue to improve. Any use of unencrypted connections is due to an explicit choice by the app developer, which makes it much less likely to happen.

As you can see in the chart above, the percentage of apps that block cleartext by default has drastically risen in the last year. At this time last year, it was close to only 20%. Google has made a ton of headroom in this area. Google is also combating this with warnings in Android Studio when an app includes a potentially insecure Network Security Configuration. This further encourages developers to adopt HTTPS.

For more information about securing your app, you can go to Android’s Network Security Configuration page and read more about TLS by default with this blog post.