Google wants OEMs to release security updates to phones for at least 2 years: Report

With phones storing more personal and critical data, security updates have become crucial to keep hackers at bay. While Apple has a tight software ecosystem, Google's Android space is highly fragmented. Another challenge for Google is that OEMs are not building phones that can handle software updates in the next few years.

Several Android OEMs are guilty of delaying software and security updates to their users, especially the ones on two or older devices. Google is now reportedly finally fixing this problem.

Google is making stricter rules for OEMs to regularly roll out security updates, according to reports. A new OEM agreement discovered by The Verge states that Android smartphones need to be updated for at least two years. The agreement requires four compulsory updates to roll out in the first year. Security updates should continue for the second year but details on the number haven't been revealed.

This new OEM agreement will be applicable to devices launched after January 31, 2018 and activated by over 100,000 users. Google has already started applying patching requirements to 75% of OEM's "security mandatory models". These listed smartphones will have to comply with the new rules from January 31, 2019.

OEMs failing to provide security updates for bug fixes identified within 90 days will have to face consequences. This applies to smartphones which haven't been launched as yet. Google will revoke Android access to these devices which would lead to OEMs not being able to launch them at all.

The report further mentions that this agreement is part of Google's latest Android agreement with OEMs in EU. Under the new agreement, OEMs will have to pay a fee of up to $40 to install Google's services on smartphones.