With more devices being connected every day, malware practices have increased over the years. While ransomware attacks have increased to 36% over the years (almost 4000 a day), Microsoft estimates that the potential cost of global cybercrime is at about $500 billion. Up to the first quarter of 2018, Android’s global market share was at 85.9% up from 76% in 2017. With almost 98% of malware attacks being targeted on the Android platform, it is becoming a prime target for hackers. For enterprise devices, enterprise customers must minimize security vulnerabilities to keep their devices secure due to increased business impact. For consumer devices, OEMs find it challenging to protect their investment and reduce total cost of ownership over the devices’ lifetime. Consumer Electronics OEMs are also coming into the fold of the Android Enterprise Recommended Program to ensure market confidence and are supplying devices to enterprises in order to increase their market share.

Android maintenance is mandated by Android Enterprise Recommended Program for both enterprise and consumer devices and involves providing security patches every month as a compliance.

With over 1200 person months’ experience, Sasken has played a crucial role in delivering Android Security Management services and addressed 6000+ common vulnerabilities and exposures (CVEs) on 90+ models for both consumer electronics and enterprise device customers. Sasken has successfully ported all versions of Android from Eclair to the latest Android 10 and enabled leading OEMs to launch their Android-based consumer and enterprise devices on various chipsets (Qualcomm, MediaTek, Texas Instruments, etc.) in operator networks in North America and Asia. Sasken’s Android Security Management Center of Excellence (CoE), comprised of Android Security Management experts and an Android Security Management lab, provides subscription-based Android Security Management services that enable OEMs to reduce efforts in managing security upgrades and provide long-term maintenance of security upgrades.


  • Complete ownership of providing security patches to OEMs for Android devices
  • Pre-built and tested part-patch-update at a defined cadence:
    • Analysis on OEM’s Device:
      • Verify Target OS relevance for that device
      • Analysis of patches
    • Integration:
      • Direct integration for supported Android versions
      • Propagating patches
      • Resolving merge conflicts
    • Validation:
      • End-to-end platform testing
      • Google pre-certification
      • Resolving merge conflict
      • Analysis on OEM’s Device:
          • Verify Target OS relevance for that device
          • Analysis of patches
    • Certification support:
      • Google Compliance (CTS, GTS, CTS-on-GSI, CTS Instant, VTS, STS)
      • Carrier Certification Support
    • OTA campaign deployment support
    • Backporting of patches to legacy Android versions
    •  Dedicated engineering team working in factory-model on all chipsets variants ensuring uninterrupted support and integration ready patches available every month
    • Sasken Security Package (SSP) contains integrated AOSP and chipset security patches