Summary

  • Google stopped 2.28 million privacy-violating apps and banned 333,000 malicious developer accounts in 2023.
  • SAFE principles ensure user safety through independent security reviews for VPN apps and enhanced SDK privacy.
  • Play Protect detected five million new malicious apps last year, while Google removed 1.5 million apps not targeting the latest APIs.



The Google Play Store has long been the bastion for safe and worry-free app downloads, but a lot goes into preventing you from accidentally downloading spurious cloned versions of some of our favorite apps. While Google has been embroiled in its fair share of controversy surrounding Play Store policies and their impact on app developers, the average Android user’s experience is ultimately reliant on the defensive protocols in place to remove malicious apps and developers from the Play Store.


Related

The best Android apps you can install in 2024

A running list of the best Android apps available today

Google just published its annual report explaining how publishing malicious apps became harder in 2023. Last year’s report bragged about successfully defending Android’s crown jewel from 1.43 million apps, but this year’s report claims a whopping 2.28 million privacy-violating apps were stopped dead in their tracks and 333,000 potentially malicious developer accounts were banned for handling malware or repeatedly violating the store’s policies. Additionally, over 200,000 app submissions were rejected to ensure they used sensitive permissions like SMS and background location access properly.


What it takes to keep users SAFE

Nairobi-Bundle-Play-Policy-Banner-V3
Source:Google 


Google explains that its SAFE principles keep users sheltered from the perils of unsecured app installation. The acronym stands for:

  • Safeguard our users
  • Advocate for developer protection
  • Foster responsible innovation
  • Evolve platform defenses

For users, these principles show up as badges for things like VPN apps, which have cleared independent security reviews vetted by the App Defense Alliance created by the biggest names in tech — Google, Microsoft, and Meta.

In a more developer-facing change steered by the SAFE principles, Google boasts it enhanced the privacy of over 31 SDKs, which help apps interface with the Android OS and device hardware. The changes make 790,000+ apps safer for users like you and me, while the company’s new and expanded Google Play SDK Index now benefits over 6 million Android ecosystem apps. Moreover, to ensure Android users get the most out of security patches in the OS updates they receive, Google removed 1.5 million apps from the Play Store just because they don’t target the latest APIs corresponding to the latest Android version.


Play policies also reflect Google’s new developer onboarding verification and testing requirements before independent developers can publish apps on the store. If the app in question enables account creation, Google also mandates that devs give users an option to delete said accounts within the app and online.

Even if you prefer sideloading apps, Google has enhanced Play Protect with real-time code-level scanning to quickly detect malicious apps. Every app submitted to Google for review further trains the company’s ML algorithms to protect users in the future. This year, Play Protect fended off over five million new apps which aren’t on the Play Store.

Google clearly takes user account security seriously, and we hope it takes equal care to prevent accidental exclusion of well-meaning apps and developers from the Play Store. As users, if we believe Google is erring on the side of caution, we always have the option of sideloading apps anyway.