Apps downloaded from Google Play were eight times less likely to compromise a device than apps from other sources
Google says that 2018 saw its policies, along with enhanced automated and human checks, stop more malicious apps from entering Google Play than ever before. The company also claims to have acted faster when it came to detecting and removing the developers of harmful apps.
“The number of rejected app submissions increased by more than 55 percent, and we increased app suspensions by more than 66 percent,” writes Google Play Product Manager Andrew Ahn in his year-in-review post on Google Play security in 2018.
He went on to chalk the improvements up to Google’s tightened policies for app developers, as well as to the company’s increased spending on automated protections and human reviews, both of which he called critical for cracking down on bad apps.
“In a continued fight against these types of apps, not only do we apply advanced machine learning models to spot suspicious apps, we also conduct static and dynamic analyses, intelligently use user engagement and feedback data, and leverage skilled human reviews, which have helped in finding more bad apps with higher accuracy and efficiency,” said Ahn.
Of course, acting quickly on harmful apps that have somehow sneaked past the storefront’s checks is an important part of the Play Store security ecosystem. In this context, the tech behemoth praised its Google Play Protect system, which “now scans over 50 billion apps on users’ devices each day to make sure apps installed on the device aren’t behaving in harmful ways”.
Taken together, the company says that the likelihood that an app from Google Play would compromise a device was eight times lower than the probability of damage caused by downloading apps from outside the official Android app store.
Having said that, bad apps continue to sneak into Google Play, as documented by ESET researcher Lukáš Štefanko .
Another interesting finding has to do with who’s most often behind the threat. According to Google, “over 80 percent of severe policy violations come from repeat offenders and abusive developer networks”.
Once banned, malicious app developers often set up new developer accounts or purchase such accounts on the black market. Here, Google attributes the improvements in cracking down on the repeat offenders to better clustering and account matching technologies, in conjunction with the prowess of its human reviewers.
“[W]e’ve made it more difficult for spammy developer networks to gain installs by blocking their apps from being published in the first place,” said Google.
When all is said and done, there are several easy-to-apply measures that will go a long way towards enhancing your protection from threats to Android-powered devices. These include being prudent when installing apps, especially – but not only – from outside Google Play, watching out for permissions requested by apps, and having reputable mobile security software in place.