trustedreviews
Published 12.12.2019 15:09

If Google blocks 99% of dodgy Play apps, why do Androids keep getting infected?


Google has taken steps to quell the Google Play malware panic by claiming that 99% of abusive apps are caught before they hit the Android store. But, does that mean your smartphone is safe?

Google claims it uses a combination of its rewards programme, Play store reviews and machine learning models to catch all but 1% of dodgy apps, ranging from fraud to malware.

“With the unique combination of people-powered programs like the Google Play Security Rewards Program, more than 1,700 workflow human reviewers, and new machine learning models and techniques, we can catch 99% of abusive apps, from impersonation and fraud to inappropriate content and malware,” wrote Google in a guide titled ‘How Google Play Works’.

But if Google is blocking such a high percentage of malware, why do millions of Android users keep getting caught out by infected PDF scanners and virus-ridden photography apps and messaging services?

According to a report by Kaspersky published in September, malicious apps often manage to slip through Google Play’s safeguards by being legitimate apps. The apps only begin acting dodgy via a seemingly harmless update or add-on function, after gaining the trust of a high number of users.

One example of this was CamScanner. The PDF scanner racked up more than 100 million users before a stealthy Trojan snuck into one of its advertising modules, forcing a number of smartphones to take out paid subscriptions behind users' backs.


Trusted Reviews reached out to Arxan Technologies senior technical director EMEA Winston Bond, who told us that it is often left up to the user to keep an eye on what they’re downloading.

“Over the past two years we have seen news of malicious and fake apps parading on the Google Play Store so it’s good to see Google taking action to prevent this from happening”, said Bond. “That said, being able to catch 99% of abusive apps means that 1% of abusive apps being developed could still end up on the store, and ultimately on users’ phones.

“Unfortunately, this means some of the onus for keeping data secure must fall to those users and the owners of the apps handling their data. I’m always telling people that it is vital to be careful with what you install. Installing an app on your phone is an act of trust and, unfortunately, mobile app stores are as appealing to hackers as any other marketplace. Application vendors should make sure they harden their own apps and not just rely on companies like Google to protect their customers’ data”.

According to Google’s Android Security & Privacy year in review, the amount of malware found in the Play store actually doubled in 2018 from 0.02% to 0.04%, though Google explained that the main reason for this was the inclusion of click-fraud apps in the company’s definition of Potentially Harmful Applications, or PHAs.

Despite this 100% increase, apps downloaded from locations outside of the Play store continue to pose a much higher risk for users.

Figure: Potentially Harmful Applications downloaded outside of Google Play (image: Google)

While the number of PHAs originating outside the Play store has decreased since the introduction of safeguards like Play Protect, over a quarter of malicious apps downloaded outside of the Play store continue to go undetected until it's too late.


Arxan Technologies’ Aaron Lint added that Google’s definition of PHAs does not include business-level threats.

“In addition to the point about 99/1, I think it would also be germane to mention the fact that it doesn’t include business-level threats against an institution”, wrote Lint. “They are trying to detect information leakage across apps, environmental compromise, and some other user facing fraud pieces, but there is not anything listed here which would protect against a malicious user targeting the applications that are legitimately deployed from the app store to accomplish fraud directly”.

So, how can you protect your phone if malware slips through Google’s cracks?

Kaspersky principal security researcher David Emm recommends that Android users take a few basic steps to protect their phones.

These include securing your device with a passcode, ensuring that you have reliable security software, blocking third-party devices from installing on your device, double checking what permissions your apps want from you and periodically wiping any unwanted apps from your device.

“On top of this, of course”, adds Emm. “If someone chooses to download apps from other locations, they leave themselves exposed to apps that haven’t been screened at all”.
