Google blocked over two million Android apps from the Play Store for violating its policies in 2023. The company also banned over 333,000 developers for repeated violations and malicious activities. Its SAFE principles helped it identify bad apps, actors, and fraud rings.
Google prevented millions of malicious apps from reaching the Play Store
The open nature of the Android OS makes it more vulnerable to malware. Bad actors distribute malware through fake apps disguised as genuine ones or through legitimate utility apps that contain backdoors for malware. While these apps usually don’t pass Google’s security checks for the Play Store, attackers never stop trying. They come up with new tactics to avoid detection and sometimes get lucky.
In a recent blog post, Google revealed that it prevented 2.28 million apps from reaching the Play Store because they violated its policies. It also rejected or remediated 200,000 app submissions for improper use of sensitive permissions such as SMS access and background location. The company also banned developers who injected malware into their apps or repeatedly violated its policies.
Google has a framework to protect Play Store users from malicious apps. It is built on SAFE principles. These include Safeguarding users while helping them discover quality apps they can trust, Advocating for developer protection so they can focus on growth, Fostering responsible innovation without compromising on user safety, and Evolving security measures to stay ahead of emerging threats.
“With those principles in mind, we’ve made recent improvements and introduced new measures to continue to keep Google Play’s users safe, even as the threat landscape continues to evolve,” Google said in its blog post. “We have also strengthened our developer onboarding and review processes, requiring more identity information when developers first establish their Play accounts.”
Google partnered with industry leaders for enhanced app security
Google isn’t alone in this fight to secure the Android app ecosystem. The App Defense Alliance supports the industry-wide adoption of app security practices and guidelines and the development of countermeasures against security risks. Its members also include other industry leaders such as Microsoft and Meta. It is part of the Joint Development Foundation within the Linux Foundation family.
The Alliance’s Mobile App Security Assessment (MASA) independently reviews security measures of VPN apps on the Play Store. Apps that pass this review get a unique badge displayed as part of the app listing on the Store. “This helps users see at-a-glance that a developer has prioritized security and privacy best practices and is committed to user safety,” Google said.
Google has also improved its security measures to detect malicious code within apps downloaded from other stores or sideloaded using an APK. It runs real-time scanning at the code level to detect malware. These measures aren’t enough to completely block malware in sideloaded apps, though. You should always download apps from the Play Store or other trusted sources.
2024-04-30 15:06:54