The recent rollout of Google Play services v10.2 came with a cool new Instant Tethering feature that automatically enables a small set of devices to sip on a shared cellular signal when they're in need. Aside from a couple of minor tweaks, that appears to be the only major functional change we're supposed to access at this time. However, that doesn't mean there aren't a few other things waiting to be revealed. Fresh additions to the APK reveal new data types coming to the Google Fit API. There's also support baked in for the new FIDO Alliance U2F tokens for secure authentication.
The features discussed below are probably not live yet, or may only be live for a small percentage of users. Unless stated otherwise, don't expect to see these features if you install the apk.
Google Fit v2 API
Rumors have circulated for a while that Fit v2.0 will launch alongside Android Wear 2.0 next month. The exact details haven't been available, but a batch of new strings in the Play services v10.2 update give away quite a bit about what's to come. There are many different items and most of them can be organized into smaller groups. Keep in mind that some of these are old fields that we've seen before, and others will be completely new. Also, while most of the data fields will track individual numbers over time (e.g. height and weight), some of these are broad categories that will contain a considerable amount of specially-formed data (e.g. nutrition).
First, just about every Google Fit user has filled in a pair of basic physical attributes at some point: height and weight. They've been around since the very beginning. However, the list will soon grow to include hip size and waist size. These numbers may be used for more advanced calculations, estimates about good health, and tracking progress while trying to slim down.
- Hip size
- Waist size
Digging a bit deeper into the physical attributes, some of the new fields will also cover details about your natural metabolism and circulatory health. A couple of these can be measured through sensors on some phones and watches, but most will require special tests or additional accessories.
- Body fat percentage
- Body temperature
- Basal body temperature
- Basal metabolic rate
- Blood glucose
- Blood pressure
- Blood oxygen saturation
And the final area that reflects our natural state of health has to do with the things we put into our body, thus we'll be able to store data related to our nutrition and hydration. Both categories have been represented before – nutrition was actually launched in v1.55, and a teardown of v1.61 revealed plans to add hydration tracking.
Since the beginning, Google Fit has generally been focused on physical activity and workouts. It was all about recording the steps you took, the calories you burned, and what you were doing (and for how long). Obviously all of that will be staying, and there won't be much change in that regard. We'll still record the things we're doing, where they were done, how many calories were burned, and possibly our heart rate during the exercise.
- Workout exercises
- Calories expended
- Heart rate
Activity-specific fields are still represented, but some will become more detailed, like separately tracking the revolutions of bicycle wheels and pedals, or the cadence of each step we take.
- Cycling pedal revolutions
- Cycling wheel revolutions
- Distance covered
- Step cadence
- Power output
And finally, we get into a topic that has been a hotbed issue on iOS in the past. When Apple launched HealthKit in 2014, it was widely criticized for lacking basic facilities for tracking issues that are unique to women. Google mostly avoided such criticism because Fit was designed to take a very narrow approach to tracking health factors while Apple was claiming to be a one-stop-shop for recording everything. Judging by some new field names, Google isn't leaving women's health to chance. The titles say it all:
- Cervical mucus
- Cervical position
- Ovulation test results
- Floor changes
- Vaginal spotting
I must reiterate that some of the fields above may be more complicated than they sound and expect quite a bit of information while others may be fairly simple. It's also possible many of them will not have a user interface in the Fit app for either editing or even viewing, so third-party apps may still be the only way to make use of these.
While Google Fit v2.0 may be directly linked to the release of Android Wear v2.0 (for obvious reasons), I think it's safe to assume Google will dedicate a blog post to the changes in the Google Fit API, so we'll get more in-depth details shortly.
<string name="fitness_data_type_name_body_hip_circumference">Hip size</string>
<string name="fitness_data_type_name_body_waist_circumference">Waist size</string>
<string name="fitness_data_type_name_body_fat_percentage">Body fat percentage</string>
<string name="fitness_data_type_name_body_temperature">Body temperature</string>
<string name="fitness_data_type_name_body_temperature_basal">Basal body temperature</string>
<string name="fitness_data_type_name_calories_bmr">Basal metabolic rate</string>
<string name="fitness_data_type_name_blood_glucose">Blood glucose</string>
<string name="fitness_data_type_name_blood_pressure">Blood pressure</string>
<string name="fitness_data_type_name_oxygen_saturation">Blood oxygen saturation</string>
<string name="fitness_data_type_name_activity_exercise">Workout exercises</string>
<string name="fitness_data_type_name_cycling_pedal_revolution">Cycling pedal revolutions</string>
<string name="fitness_data_type_name_cycling_wheel_revolution">Cycling wheel revolutions</string>
<string name="fitness_data_type_name_distance">Distance covered</string>
<string name="fitness_data_type_name_step_count_cadence">Step cadence</string>
<string name="fitness_data_type_name_calories_expended">Calories expended</string>
<string name="fitness_data_type_name_power_sample">Power output</string>
<string name="fitness_data_type_name_heart_rate_bpm">Heart rate</string>
<string name="fitness_data_type_name_cervical_mucus">Cervical mucus</string>
<string name="fitness_data_type_name_cervical_position">Cervical position</string>
<string name="fitness_data_type_name_floor_change">Floor changes</string>
<string name="fitness_data_type_name_ovulation_test">Ovulation test results</string>
<string name="fitness_data_type_name_vaginal_spotting">Vaginal spotting</string>
FIDO authentication tokens
These days, the absolute worst account to have compromised is your email. It contains tons of archived information and serves as a primary method for resetting forgotten passwords on other services. The risks of a compromised email address, assuming it's one that matters, can be pretty severe. This is why it's always recommended that users set up 2-factor authentication (2FA). Most people will choose single-use TOTP codes for 2FA, generated by apps like Google Authenticator or Authy because they're free and relatively convenient.
For those logging in on a laptop or desktop computer, one alternative is to use a physical authentication key that plugs into a USB port and generates similar single-use codes. These use a standard created by the FIDO Alliance. If you have to generate codes often, this is definitely the faster way to do it, and it's arguably more secure than relying on some other methods.
These devices originally only worked through a USB connection, but in 2015, new standards were drafted to support communication over NFC and Bluetooth (and BLE). This removed the hurdle of plugging in one of these keys into a device that didn't have a USB port, or possibly no ports at all. That was the physical hurdle, but the software had to support it too. Now it looks like Google has taken care of the software side. There are dozens of new strings related to the use of FIDO-certified security keys and communicating with them through NFC and Bluetooth.
<string name="fido_welcome_body">Using your Security Key with %1$s helps protect your private data.</string>
<string name="fido_use_ble_instead">Use your Security Key with Bluetooth</string>
<string name="fido_use_nfc_instead">Use your Security Key with NFC</string>
<string name="fido_ble_device_icon_content_description">Discovered Bluetooth device</string>
<string name="fido_ble_dont_see_your_key_dialog_message">Press and hold the button on your key for at least 5 seconds to make sure it's in pairing mode</string>
<string name="fido_ble_dont_see_your_key_hint">Don't see your key?</string>
<string name="fido_ble_enable_title">Turn on Bluetooth</string>
<string name="fido_ble_enable_body">Your Security Key only works when your device's Bluetooth is on</string>
<string name="fido_ble_instructions_title">Allow using your Security Key?</string>
<string name="fido_ble_instructions_body">To use most keys, simply tap the button</string>
<string name="fido_nfc_enable_title">Turn on NFC</string>
<string name="fido_nfc_enable_body">Your Security Key only works when your device's NFC is on</string>
<string name="fido_nfc_instructions_title">Allow using your Security Key?</string>
<string name="fido_nfc_instructions_body">Hold your key flat against the back of your device until it stops vibrating</string>
<string name="fido_ble_locate_pin_title">Find the Bluetooth pairing PIN for your key</string>
<string name="fido_ble_locate_pin_body">The pairing PIN is usually a 4 or 6 digit number and may be on the back of your key. Continue when you are ready to enter the PIN.</string>
<string name="fido_ble_pair_instructions_title">Ready to pair your Security Key?</string>
<string name="fido_ble_pair_instructions_body">Pair your key to this device so you can use it with your account</string>
<string name="fido_ble_pairing_mode_title">Get into pairing mode</string>
<string name="fido_ble_pairing_mode_body">Press and hold the button on your Security Key for at least 5 seconds</string>
<string name="fido_ble_select_device_title">Select your Security Key</string>
<string name="fido_ble_select_device_body">From the list below select the Security Key you wish to pair with your device. The name may be printed on the back of the key.</string>
<string name="fido_ble_dont_see_your_key_dialog_title">Something went wrong</string>
<string name="fido_ble_enable_turn_on_button">TURN ON</string>
<string name="fido_ble_pair_device_pairing">Pairing your Security Key…</string>
<string name="fido_ble_pairing_failure_dialog_message">Get your key back into pairing mode</string>
<string name="fido_ble_pairing_failure_dialog_positive_button">TRY AGAIN</string>
<string name="fido_ble_pairing_failure_dialog_title">Something went wrong</string>
<string name="fido_nfc_enable_turn_on_button">TURN ON</string>
<string name="fido_pair_another_security_key">Pair another Security Key</string>
<string name="fido_processing">Verifying your Security Key…</string>
<string name="fido_transport_selection_bluetooth">Use Security Key with Bluetooth</string>
<string name="fido_transport_selection_body">Security Keys work with Bluetooth and NFC. Choose how you want to use your key.</string>
<string name="fido_transport_selection_nfc">Use Security Key with NFC</string>
<string name="fido_transport_selection_title">Choose how to use your Security Key</string>
<string name="fido_welcome_get_started_button">GET STARTED</string>
<string name="fido_welcome_title">Use your Security Key with %1$s</string>
There's really very little to say about the strings themselves, they are just standard instructions for using this type of security token wirelessly. The significance is simply that the strings are there.
So, what does this all mean? Let's say your Google account is protected by 2FA and you've registered a key with NFC capabilities, like this one from Yubico. The next time you want to set up a new phone, you'll be able to enter your account name and password, then instead of getting a code out of Google Authenticator or Authy, you can hold your security key up to the NFC reader and immediately authenticate yourself.
Ok, it might not sound that special if you aren't in the right situation, but it's pretty cool if you have to authenticate every time you log in and that turns out to be a common occurrence. For example, Facebook basically requires its employees to use these.
The APK is signed by Google and upgrades your existing app. The cryptographic signature guarantees that the file is safe to install and was not tampered with in any way. Rather than wait for Google to push this download to your devices, which can take days, download and install it just like any other APK.