Security news that informs and inspires

Google Rejecting More Harmful, Suspicious Apps From Play Store

By

In the last couple of years, Google has introduced a raft of new policies and mechanisms to help protect Android users by preventing malicious and misleading apps from getting into the Play Store, and the company is having some notable success with those efforts.

Among the changes that Google made are some new detection methods for identifying potentially malciious or harmful apps, either when they’re submitted to the store or during periodic reviews of the apps in the store. This week, Google published a set of statistics showing the effects that those policies are having, saying that the number of apps rejected during the submission process has increased by 55 percent and app suspensions have gone up by 66 percent.

“These increases can be attributed to our continued efforts to tighten policies to reduce the number of harmful apps on the Play Store, as well as our investments in automated protections and human review processes that play critical roles in identifying and enforcing on bad apps,” Andrew Ahn, a product manager for Google Play, said in a post Wednesday.

Google didn’t provide any absolute numbers for the volume of apps that have been rejected or suspended, but the relative increases are significant. There are more than two billion active Android devices every month, according to Google, and that user base has tremendous value to both Google and to attackers and scammers. Getting a malicious app or an app with hidden functionality into the Play Store provides a huge potential target base for criminals, which is why Google expends so much time and energy auditing apps going into the store and also once they’re on individual devices.

The Play Protect system Google instituted not long ago scans Android devices continuously, looking for potentially harmful or malicious apps that may have slipped through the approval process or been installed from third-party sources. It also checks the general health of the devices, checking on app permissions and patch levels. Play Protect scans more than 50 billion apps per day now, Google said.

Another part of the Play Store security ecosystem involves the way that Google checks developers and their accounts. There are a number of parts to that system, including both automated and human components. Google’s statistics show that the overwhelming majority of the violations of the developer policies come from people who have violated the policies before.

“We find that over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks. When malicious developers are banned, they often create new accounts or buy developer accounts on the black market in order to come back to Google Play,” Ahn said.

“We've further enhanced our clustering and account matching technologies, and by combining these technologies with the expertise of our human reviewers, we've made it more difficult for spammy developer networks to gain installs by blocking their apps from being published in the first place.”