Google's new security platform, known as Google Play Protect, aims to improve Android application security. What...
are some of the features in Google Play Protect, and does it do enough to bolster app security?
The open nature of the Android ecosystem has helped make it the most popular OS for mobile devices, but it has also made it a firm favorite with hackers -- more than 99% of all malware designed for mobile targets Android devices, according to a recent report by F-Secure.
Although all the apps are scanned by Bouncer, Google's security system, prior to them being made available in the Google Play Store, occasionally, a malicious app still makes it through, often masquerading as a popular or useful app. Hackers have now taken to hiding malicious code deep within their apps, only activating it once the app has passed inspection and is made available in the store; examples include the Charger ransomware and Skinner adware.
Although Google claims just 0.05% of users who downloaded apps from the Google Play Store in 2016 were infected with malware, down from 0.15% in 2015, just one malicious app can still infect millions of devices due to the size of the Android user base. For example, cybercriminals managed to trick 1.5 million people into installing 13 different malicious apps designed to steal Instagram credentials.
A common technique to avoid detection when an app is first submitted to the Google Play Store is to encrypt any malicious code within the app or to activate it later once the app has been installed by the user, like the malicious game Viking Horde.
To better combat this type of malware, Google has announced Google Play Protect, a security package for Android devices consisting of app scanning with machine learning technology to look for harmful apps, implement browser protection and provide antitheft measures.
Google Play Protect's app scanning feature replaces Google's previous app scanning tool, Verify Apps, and is actually built into any device that comes with the Google Play Store. It's an automated and always-on service. Google claims it scans 50 billion apps per day across a billion Android devices, scanning and verifying apps before and after they've been downloaded, even those from third-party app stores.
It's this constant scanning for changes in behavior of installed apps that Google hopes will protect devices and users from apps that only turn malicious once installed. If the scans do find any suspicious activity, the responsible app is automatically disabled.
The Safe Browsing feature, while not new, also aims to prevent malware from getting onto a device. Any site a user tries to access is checked against Google's list of unsafe sites, and a warning appears for any site considered dangerous.
Of course, two of the most common risks to mobile devices are loss and theft, which is why Android Device Manager has been rebranded as Find My Device, with a new user interface and a few new features. It has the ability to remotely lock a lost device, display a message on the lock screen or to wipe data if there is no chance that the device will be returned.
While some of the security measures in Google Play Protect have been around for a while, this is a welcome overhaul, giving users more information about their device's security. Play Protect is slowly rolling out to users who are running Play Services 11 or above.
Find out about more apps slipping by Google Play security
Learn how app modernization has been on the rise
Concerned about your phone's safety? Learn how to wipe it remotely
Dig Deeper on Mobile security threats and prevention
Related Q&A from Michael Cobb
Expert Michael Cobb details how to argue for a multistep secure code review process, like Microsoft SDL, and the pros of secure coding practices. Continue Reading
Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the ... Continue Reading
Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.