Android Private Compute Core Architecture

TL;DR

Android's Private Compute Core (PCC) provides a secure, isolated environment within the OS for privacy-preserving machine learning features, enabling data control and model updates while maintaining user privacy.

Contribution

This paper introduces the architecture and open-source implementation of Android's Private Compute Core, a secure environment for privacy-preserving ML features within the OS.

Findings

PCC enables secure ML feature hosting within Android.

PCC supports model updates and training through Private Compute Services.

PCC enhances user privacy by isolating data from apps and servers.

Abstract

Android's Private Compute Core (PCC) is a secure, isolated environment within the operating system, that maintains separation from apps while enabling users and developers to maintain control over their data. It is backed by open-source code in the Android Framework introduced in Android 12. PCC allows features to communicate with a server to receive model updates and contribute to global model training through Private Compute Services (PCS), the core of which has been open sourced. PCC is part of the OS, and by virtue of being isolated, constrained, and trusted, it can host sophisticated ML features. The hosted features themselves, running inside PCC, can be closed source and updatable. In this way, PCC enables machine learning features to process ambient and OS-level data and improve over time, while restricting the availability of information about individual users to servers or apps.