Roughly in keeping with numbers seen in recent years, the Google Play Store announced that it blocked 1.43 million bad apps and banned 173,000 malicious or policy-violating developer accounts in 2022.
The Google Play Store tends to ban somewhere north of a million bad apps and 100,000 shady developers each year. Google says that its efforts prevented over $2 billion in fraudulent transactions in 2022, and provided security advisories that led to improvements in over 300,000 legitimate apps.
Google Play Store changes include API access, license requirements for finance apps
With billions of apps to scan each year, Google continues to incorporate AI and machine learning into the process to improve a general safety reputation that lags behind that of chief rival Apple. There are also tighter requirements for getting apps listed on the Google Play Store, with developers now required to go through added layers of identity verification.
In addition to the focus on banning bad apps, Google has rolled out its new App Security Improvements program for developers. This program incorporates a security scan into the initial upload process and into updates, alerting developers to potential issues before the app even goes live on the Google Play Store. For certain serious issues, developers are blocked from publishing updates until the problem is addressed. A 2021 “Helpline” pilot program has also expanded, offering developers phone-based assistance for compliance issues in 17 countries.
The new Target API Level policy also warns users when they install apps that were built for less secure prior versions of Android without incorporating the newer improvements, and developers have the option of taking the Mobile App Security Assessment (MASA) to earn a safety badge that can be displayed to users. Additionally, it is now tougher for developers in certain regions to obtain the licenses needed to run personal loan apps.
Majority of “bad app” installs come via Google Play Store
The Android marketplace is widely seen as the less secure, but also the less expensive and less restrictive, option as compared to Apple. Much of the security concern centers on the fact that Android apps can be “sideloaded” outside of approved channels, but studies have found that the majority of bad app installs actually come through the Google Play Store. Malware apps with millions of installs continue to be found there; some recent examples include the paid ad-watching app TubeBox and Bluetooth Auto Connect.
Google seems to have increased awareness of this as a market weakness, particularly with the double whammy of increased cyber crime prompted by the Covid-19 pandemic and Apple’s shift in focus to hardware and security branding over selling third party advertising. Apple’s new policies appear to have directly prompted Google’s “Privacy Sandbox” project, which is currently in pre-launch testing and began to be integrated into the OS with Android 13. General availability of most of its features, which include improved cross-site tracking privacy and a more private alternative to cookies, is still slated for fall 2023.
Owners of Google’s flagship Pixel line also get some added protections, chief among them the “Private Compute Core” that stores sensitive user data in a private partition that isolates it from app tracking methods (including those that Google itself uses). Pixel users also have enhanced privacy and safety settings available to them, at least if they have updated to Android 13 or a newer version.
Google is also part of the “App Defense Alliance,” a collection of numerous tech and cybersecurity firms that share intelligence about bad apps and provide the backing for the MASA assessment. However, the nature of Android is such that device manufacturers will remain responsible for a great deal of user safety, something illustrated by a string of major security issues involving Samsung’s Android devices over roughly the past year.
These moves have proven necessary as Google Play Protect has taken years of harsh criticism about its ability to detect bad apps and malware, consistently coming in well beneath third party antivirus solutions yet also somehow tending to have a higher rate of incorrectly flagging clean apps at the same time. Security-aware Android users have thus essentially had to lock the device down as if it were a Windows PC, something that is much more in the background (and much easier for the casual user) on Apple devices.
Part of this is due to the trend of “dropper apps,” bad apps that sneak onto the Google Play Store by initially presenting as something innocent and then, once installed on a user device, connecting to remote servers to retrieve the malware. A recent report from Kaspersky found that these apps are sold to amateurs on the dark web for as little as $2,000, and that an aspiring hacker can also pick up an illicit Android developer account there for about $100 to $200.
Another sneaky means of getting bad apps up and running on the Google Play Store is to serve the malware via a third-party advertising network that the app makes use of, something that is difficult for Google to detect and track.