Android dominance makes it a target for malicious activities; with over 1.4 billion people using an Android smartphone or tablet per day, coupled with the fact that it’s open source and free for manufacturers to use, means it's a big deal.

While Google has been battling to keep off these malicious actors from its already-huge Android ecosystem, malware apps still happen to find their way into the Play Store. But Google had recently made changes in the Play Store policies, adding new restriction for Android APIs to make it mandatory for every new application to undergo some rigorous security testings and reviews before been accepted into the Play Store.

And some of the new rules include, the restriction of developers from abusing the Android accessibility services, and access to certain permissions such as call logs and SMSes; with adding trait-based malware scanner, and employing human reviews for apps before acceptance to the Play store.

The review process for app from new developers with no proven track record within the ecosystem will take days, and in some cases weeks, allowing the company to thoroughly check for suspicious activities before approving the apps to be published on the Play Store.

Google had been busy with keeping Android secure over the years, pushing out security updates monthly, but still, not every single Android smartphone and tablet receives these security updates.

The potential damage could be frightening, as Android fragmentation problem is not easily solved, which means that the question of Android security comes down to device. However, Google has taken a step to ensure that Android OS is up-to-date with Project Treble, the remodeling of the architectural framework establishing a modular base for lower-level code created by vendors as separate from the operating system.

Project Treble could help to ramp up the number of phones running Android Pie, as it will give manufacturers a clear-cut way to update from Android Oreo to next version without much fuss.

How Google is making it harder for Rogue Apps to get into Android Play Store



Android dominance makes it a target for malicious activities; with over 1.4 billion people using an Android smartphone or tablet per day, coupled with the fact that it’s open source and free for manufacturers to use, means it's a big deal.

While Google has been battling to keep off these malicious actors from its already-huge Android ecosystem, malware apps still happen to find their way into the Play Store. But Google had recently made changes in the Play Store policies, adding new restriction for Android APIs to make it mandatory for every new application to undergo some rigorous security testings and reviews before been accepted into the Play Store.

And some of the new rules include, the restriction of developers from abusing the Android accessibility services, and access to certain permissions such as call logs and SMSes; with adding trait-based malware scanner, and employing human reviews for apps before acceptance to the Play store.

The review process for app from new developers with no proven track record within the ecosystem will take days, and in some cases weeks, allowing the company to thoroughly check for suspicious activities before approving the apps to be published on the Play Store.

Google had been busy with keeping Android secure over the years, pushing out security updates monthly, but still, not every single Android smartphone and tablet receives these security updates.

The potential damage could be frightening, as Android fragmentation problem is not easily solved, which means that the question of Android security comes down to device. However, Google has taken a step to ensure that Android OS is up-to-date with Project Treble, the remodeling of the architectural framework establishing a modular base for lower-level code created by vendors as separate from the operating system.

Project Treble could help to ramp up the number of phones running Android Pie, as it will give manufacturers a clear-cut way to update from Android Oreo to next version without much fuss.

No comments