One upon a time, once you stole someone’s Android phone and did a factory reset in recovery mode, it was as good as new and you were good to go. That changed with FRP.
So what is FRP?
FRP stands for Factory Reset Protection. As the name implies, its a protection / security measure that kicks in once you do a factory reset on a supported Android device.
You’ll be required to enter the credentials of the Google account which had been linked to the device before the reset.
Do all Android devices support FRP ?
FRP was introduced in Android 5.1 Lollipop so if your device runs on 5.1 or higher then it most likely supports it.
What triggers FRP?
Doing a factory data reset under Settings won’t trigger FRP as this removes associated Google accounts.
To trigger FRP:
- Set a lock screen (e.g pattern lock)
- Boot into recovery mode
- Do a factory reset while in recovery mode
- Reboot the device
How is FRP bypassed?
Sadly, FRP isn’t that secure. There are a number of techniques to bypass FRP; boxes / dongles, apks, flash tools etc. We have a collection for Unisoc / Spreadtrum, Mediatek and Generic Qualcomm. I won’ be delving into that in this piece but one general technique is to wipe the FRP partition on the device 😉 .
Can bypassing FRP land me in trouble?
If the device is stolen then you’re complicit. I know a number of phone engineers who have landed in Police custody over network unlocking modems / phones, bypassing FRP on Android and iCloud on iOS.
Lets take a few steps back here shall we?
FRP is supposed to be an anti-theft feature isn’t it? This means the owner should be able to supply their Google credentials to proceed right? Its therefore logical to say that anyone looking to bypass FRP mustn’t be the real owner of the device. That makes the device a possibly stolen one according to this argument.
While this is partly true, there are some situations where bypassing FRP is needed even for the owner of the phone.
- The phone was a gift from the previous owner: The phone might have been a gift from someone or inherited from a deceased friend / relative. In these situations, the previous owner might be unwilling or unable to provide their login credentials
- No internet: The FRP screen requires an internet connection to verify the credentials you supply. In a case where you have a very poor internet / no internet connection then the login approach isn’t viable
- Null IMEI / WiFi problem: If the device in question has developed a NULL IMEI then mobile data won’t work. Same applies if the wireless won’t come on or you’re unable to create a WiFi connection with another device
- Crashing keyboard: In a situation where the keyboard keeps crashing (unfortunately Gboard has stopped is a popular error), you couldn’t exactly enter the credentials even if you had them could you?
- Forgotten credentials: This is really common. people do forget their credentials a lot and account recovery isn’t a walk in the park for these people.
If the device is yours then you’re free to bypass FRP all you want but ensure to ask questions when a customer brings an FRP bypass job to you. Bypassing FRP on stolen phones could land you in jail. If it does, whatever you do, don’t drop the soap! 🙂