In a surprise move, Google announced Thursday that it has updated its peer-to-peer file transfer service, Quick Share, to work with Apple’s device AirDrop, allowing users to more easily share files and photos between Android and iPhone devices.
The cross-platform sharing feature is currently limited to the Pixel 10 lineup and works with iPhone, iPad, and macOS devices, with plans to expand to additional Android devices in the future.
To transfer files from a Pixel 10 phone over AirDrop, the only caveat is that the Apple device owner must ensure that their iPhone (or iPad or Mac) is discoverable to anyone – which can be enabled for 10 minutes.
Similarly, according to a support document published by Google, to receive content from an Apple device, Android device users need to adjust their Quick Share visibility settings to Everyone for 10 minutes or remain in receive mode on the Quick Share page.
“We built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products,” said Dave Kledermacher, vice president of platform security and privacy at Google.
At the heart of the future is a multi-layered security approach powered by the memory-safe Rust programming language to create a secure sharing channel, which Google said eliminates an entire class of memory security vulnerabilities, making its implementation resilient against attacks that attempt to exploit memory errors.
The tech giant also noted that while the feature does not rely on any workarounds and data is not routed through servers, it is open to working with Apple to enable a “Contacts Only” mode in the future.
NetSPI, which conducted an independent assessment in August 2025, said, “Google’s implementation of its version of Quick Share does not introduce vulnerabilities into the broader protocol’s ecosystem.”
“Although it shares specific features with implementations by other manufacturers, this implementation is reasonably more secure. In fact, the file exchange process is remarkably robust, as it does not leak any information, which is a common weakness in other manufacturers’ implementations.”
That said, its analysis revealed a low-severity information disclosure vulnerability (CVSS score: 2.1) that could allow an attacker with physical access to the device to access information such as image thumbnails and SHA256 hashes of phone numbers and email addresses. This has since been addressed by Google.
The development comes as Google said it has blocked over 115 million attempts in India to install sideloaded apps that request access to sensitive permissions leading to financial fraud. The company also said it is piloting a new feature in the country in collaboration with financial services like Google Pay, Navi and Paytm to tackle scams that trick users into opening apps while sharing the screen.
“Devices running Android 11+ now show a prominent alert if a user opens one of these apps while sharing the screen on a call with an unknown contact,” said Ivan Kotsovinos, vice president of privacy, safety and security at Google. “This feature provides users with a one-tap option to end a call and stop screen sharing, protecting them from potential fraud.
Finally, Google said it is also developing Enhanced Phone Number Verification (ePNV), which it described as a new Android-based security protocol that replaces the SMS OTP flow with SIM-based verification to improve sign-in security.
