Summary
- Google reports that apps from outside the Play Store are significantly more likely to contain malware.
- The company highlights its efforts to improve security, including AI-powered threat detection and enhanced privacy policies.
- Google is developing new tools to prevent malware installation and detect tampered apps, while also focusing on user privacy.
One of the key factors driving many users to choose Android over iOS is the openness of Google’s operating system, inviting broader appeal among tinkerers and enthusiasts. However, for better or worse, Google has started challenging its own idea of Android over the last few years by imposing various restrictions on Android to discourage app sideloading and ensure more safety for users.
Now, on top of that, the Mountain View tech firm has come up with its latest findings that quantify the risk involved in installing apps outside the Google Play Store, perhaps in the hope that people won’t take advantage of the pause Play Protect feature and turn away from sideloading Android apps.
6 critical threats to your phone and how to protect your device against them
Identify and mitigate threats to your smartphone
Google reveals how much is at stake with non-Play Store apps
In a post on the Android Developers Blog, while highlighting key steps it’s taken over the years to ensure a safer environment on Android, Google has revealed that apps downloaded from places outside the Google Play Store are 50 times more likely to contain malware than apps from the Play Store.
Moreover, Google has boasted that its “stronger privacy policies” and “AI-powered threat detection” prevented 2.36 million suspicious apps from making it to Google Play. However, it hasn’t always been proactive with its approach to tackling malware. For example, until September last year, several apps containing the Necro Trojan malware were available on Google Play. The company removed those apps from the app store only after it was widely reported that the Necro Trojan affected millions of Android devices.
Google has plans in place to tackle the menace of malware
Google hasn’t said a word on the steps it’s taking to avoid another Necro Trojan-like incident, but it has confirmed that it is working on making it difficult for malicious actors to trick users into turning Google Play Protect off and installing malicious apps. Additionally, the company has plans to expand Google Play Protect live threat detection to further crack down on malicious applications masquerading as financial apps.
Google also has plans to introduce more enhancements to the Play Integrity API, which, if used in an app, will identify whether an app has been repackaged outside the Play Store. How do you benefit from this, you ask? Well, per the blog post, the upcoming advancements to the Play Integrity API will ‘re-identify abusive and risky devices in a way that also preserves user privacy.’
As for developers, you’ll get access to tools that prompt users when they need the latest security update and explicitly tell users when they’re running a tampered version of your app. However, Google hasn’t specified when these changes will go live.
Google to ease sideload warnings with an option to pause Play Protect
Play Protect auto-enables the next day
