Google automatically backs up some of your phone's data, like SMS messages (Nexus/Pixel only) and call history, to the cloud. That way, if you need to wipe your device or it gets lost/stolen, you're not completely out of luck. Android Pie includes changes to how these backups are stored, so not even Google can read your data.

In the company's online security blog, Google revealed that "devices can take advantage of a new capability where backed-up application data can only be decrypted by a key that is randomly generated at the client." The key is based on the user's lock screen password, which isn't known by Google. The data is then stored on a Titan security module on one of Google's servers, which permanently blocks access after too many failed attempts.

To ensure the new backup method was fully secure, Google hired security firm NCC Group to perform a full audit. The agency discovered a few issues, but Google says the problems were quickly fixed. The full report is available here.

It's not clear exactly which phones use this new backup functionality, but Android 9 Pie is one of the requirements. At the very least, it's probably safe to assume Google's own Pixel devices utilize it.

Source: Google Online Security Blog