AI can enhance the user experience and productivity of Android apps. If you're looking to build GenAI features that benefit from additional data privacy or offline inference, on-device GenAI is a good choice as it processes prompts directly on your device without any server calls.
Gemini Nano is the most efficient model in Google's Gemini family, and Android’s foundational model for running on-device GenAI. It's supported by AICore, a system service that works behind the scenes to centralize the model’s runtime, ensure its safe execution, and protect your privacy. With Gemini Nano, apps can offer more personalized and reliable AI experiences without sending your data off the device.
In this blog post, we'll provide an introductory look into how Gemini Nano and AICore work together to deliver powerful on-device AI capabilities while prioritizing users’ privacy and safety.
Private Compute Core (PCC) compliance
At Google I/O 2021, we introduced Private Compute Core (PCC), a secure environment designed to keep your data private. At I/O in 2024, we shared that AICore is PCC compliant, meaning that it operates under strict privacy rules. It can only interact with a limited set of other system packages that are also PCC compliant, and it cannot directly access the internet. Any requests to download models or other information are routed through a separate, open-source companion APK called Private Compute Services.
This framework helps protect your privacy while still allowing apps to benefit from the power of Gemini Nano. Consider a keyboard application using Gemini Nano for a reply suggestion feature. Without PCC, the keyboard would require direct access to the conversation context. With PCC, the code that has access to the conversation runs in a secure sandbox and interacts directly with Gemini Nano to generate suggestions on behalf of the keyboard. This allows the keyboard app to benefit from Gemini Nano's capabilities without directly accessing or storing sensitive conversation data. You can find out more about how this works in the PCC Whitepaper.
Protecting your privacy through data isolation
AICore is built to isolate each request to protect your privacy. This prevents apps from accessing data that does not belong to them. Requests are handled independently and processed from a single app at a time to mitigate the risk of data being exposed to other apps.
Additionally, AICore doesn't store any record of the input data or the resulting outputs after processing each request. This design, combined with the fact that Gemini Nano’s inference happens directly on your device, helps ensure your app’s data stays private and secure.
Prioritizing Safety in Gemini Nano
We're committed to building AI responsibly, and that includes making sure Gemini Nano is safe. We've implemented multiple layers of protection to limit harmful or unintended results:
- Native model safety: All Gemini models, including Gemini Nano, are trained to be safety-aware out of the box. This means safety considerations are built into the core of the model, not just added as an afterthought.
- Safety aware fine-tuning: We use a LoRA fine-tuning block to adapt Gemini Nano for the needs of specific apps. When we train the LoRA block, we incorporate safety data specific to the app’s use case to preserve and even enhance the model's safety features during fine-tuning where applicable.
- Safety filters on input and output: As a final safeguard, both the input prompt and results generated by the Gemini Nano runtime are evaluated against our safety filters before providing the results to the app. This helps prevent unsafe content from slipping through, without any loss in quality.
These layers of protection work together to ensure that Gemini Nano provides a safe and helpful experience for everyone.
Get started
Learn more about Gemini Nano for app development, and try it out in your own app!
Be sure to check out the other amazing AI on Android Spotlight week content!