Google has confirmed it is working to patch a security flaw in its Android operating system that allows the Gemini AI assistant to send SMS messages without requiring a lock screen PIN. The vulnerability, triggered by a specific multi-touch gesture, bypasses the authentication prompt that normally prevents unauthorised access to messaging functions.
The issue affects Android devices where Gemini is set as the default digital assistant. By performing the gesture on the lock screen, an attacker or anyone with physical access to the phone can instruct Gemini to compose and send text messages, circumventing the device's primary security layer. Google has not yet disclosed which Android versions are affected or when the patch will be released, but has stated a fix is in development.
For UK consumers, the flaw poses a significant privacy and security risk. A lost or stolen phone could be used to send messages without the owner's knowledge, potentially enabling fraud or harassment. Businesses that rely on Android devices for work communications may face data exposure risks, particularly if sensitive information is shared via SMS. The vulnerability also highlights the broader challenge of integrating powerful AI assistants with core device security controls.
The UK's Information Commissioner's Office (ICO) may take an interest in the incident, as the bypass could lead to unauthorised processing of personal data. Under UK data protection law, organisations must ensure that AI systems handling personal data do so securely. Separately, the EU AI Act, which classifies AI systems by risk level, could impose stricter requirements on assistant technologies like Gemini if they are deemed to pose systemic risks to users' privacy or security.
Dr. Priya Sharma, a cybersecurity researcher at the University of Cambridge, said: 'This flaw is a reminder that convenience features in AI assistants can inadvertently weaken device security. While Google's quick response is welcome, the incident underscores the need for rigorous testing of AI integrations with core operating system functions.' For UK businesses, the risk is twofold: employee devices could be exploited, and any corporate data sent via compromised SMS could lead to regulatory penalties under GDPR.
Google has not specified a timeline for the fix, but users are advised to disable Gemini as the default assistant on the lock screen until a patch is available. The incident adds to growing scrutiny of AI assistants' security postures, as regulators worldwide push for greater transparency and accountability in how these systems handle user data.