Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Pierluigi Paganini
March 16, 2026

Android 17 will block non-accessibility apps from using the Accessibility API under Advanced Protection Mode to reduce malware abuse.

Android 17 introduces a new security feature in Advanced Protection Mode (AAPM) that blocks apps without accessibility functions from accessing the Accessibility API. The change, first reported by Android Authority and included in Android 17 Beta 2, aims to prevent malware from abusing these services to spy on users, steal data, or control devices.

The AccessibilityService API allows apps to interact deeply with the Android interface to help people with disabilities navigate and control their devices. Apps designed for accessibility can declare the isAccessibilityTool attribute and are exempt from some disclosure requirements.

However, this powerful access has been abused by malware in the past. Malicious apps have used the API to read screen content, capture keystrokes, click buttons automatically, grant themselves permissions, and steal sensitive data such as banking credentials. Because it can control the interface, attackers have leveraged it to perform fraud, install additional malware, and bypass security prompts.

The new feature adds stricter security settings, including blocking app installs from unknown sources, limiting USB data access, and requiring Google Play Protect scans. The update also restricts use of the Accessibility Services API, allowing only verified accessibility tools marked with the isAccessibilityTool=”true” flag. Developers can detect when the mode is enabled using the AdvancedProtectionManager API and adapt their apps with stronger security controls.

“Designed as an opt-in feature, AAPM is activated with a single configuration setting that users can turn on at any time to apply an opinionated set…

Source

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services