Google makes secure boot and full-disk encryption mandatory for Android 6.0 devices

Google is really making some changes in its standards since Android 6.0 Marshmallow release. The first was the regulation for fingerprint sensors, now it requires all Android devices to have a secure boot and a full-disk encryption before it can be declared as an Android 6.0 compatible device.

Android Marshmallow

It is also mentioned that if the device has an Advanced Encryption Standard (AES) performance rating of 50MB/s and above, the full-disk encryption must be enabled by default at the time of initial setup. By doing so, the device can verify the integrity and the authenticity of the apps during device boot sequences and prevents boot-level attacks that bypass encryption. It also specifies on using 128-bit or higher AES keys, not storing keys on the storage and never transmitting encryption key off the Android 6.0 device.

The changes are now updated under the Android Compatibility Definition Document.

Google did try this with the previous generation Android 5.0 OS ‘Lollipop’, but decided to roll back due to performance issues with some Android devices.
If the potential Android devices do not pass 6.0 requirements, the device will not have any access to Google Play Store access or any of its apps. With a series of requirements for both software and hardware, this should help to keep innumerable phone manufacturers in check.

There is an exception, such as devices with less than 512MB RAM and no secure lock screen could opt out of full-disk encryption.

Source: 1