How we ensured the safety of the Google Play and Android app environments in 2024
The Android and Google Play ecosystems form a dynamic environment with billions of users worldwide and millions of useful applications. Our primary focus is to maintain the safety of this environment for users and developers. However, as with any thriving environment, it attracts its fair share of malicious entities. Hence, each year, we strive to invest in additional measures to safeguard our community and combat malicious actors, ensuring that users can trust the apps they download from Google Play, while developers can establish successful businesses.
Among our efforts last year were AI-driven threat identification, reinforced privacy regulations, enhanced developer utilities, new global partnerships, and more. As a result, we thwarted the publication of 2.36 million policy-violating apps on Google Play and terminated over 158,000 malicious developer accounts that attempted to release harmful apps.
However, this was merely the beginning. To learn more, delve into our key accomplishments from 2024:
Google’s sophisticated AI: assisting in fortifying Google Play’s safety
To fend off malicious actors, our tactics have always combined human security specialists and cutting-edge threat detection technologies. In 2024, we harnessed Google’s advanced AI to enhance our systems’ proactive malware identification capabilities, enabling us to efficiently detect and obstruct malevolent apps. This innovation also aids in expediting review procedures for developers who have shown consistent policy adherence. Presently, over 92% of our evaluations for harmful apps are AI-assisted, empowering us to promptly and precisely act in thwarting harmful apps from infiltrating Google Play.
This advancement has allowed us to deter a higher number of malicious apps from accessing users through the Play Store, shielding users from detrimental or malicious apps before they can instigate any harm.
Collaborating with developers to heighten security and privacy on Google Play
For the protection of user privacy, we are collaborating with developers to limit unnecessary access to sensitive data. In 2024, we impeded 1.3 million apps from obtaining excessive or gratuitous access to sensitive user data. We also mandated apps to enhance transparency concerning their handling of user information by introducing new developer prerequisites and a new “Data deletion” alternative for apps supporting user accounts and data aggregation. This aids users in managing their app data and comprehending an app’s data deletion approaches, simplifying the process for Play users to erase data gathered from third-party apps.
We are also striving to ensure that apps leverage the most robust and contemporary privacy and security features offered by Android. Each new Android version introduces novel security and privacy functionalities, and we are urging developers to swiftly adopt these improvements. As a consequence of our close collaboration with developers, more than 91% of app installations on the Google Play Store now employ the latest security measures of Android 13 or higher.
Securing apps from scams and fraud remains a persistent challenge for developers. The Play Integrity API permits developers to verify the integrity of their apps or identify potential compromise scenarios, assisting in averting malpractice like fraud, bots, cheating, and data breaches. Play Integrity API alongside Play’s automated protection empowers developers in ensuring that users are utilizing the authorized Play version of their app with the most recent security updates. Apps integrating Play integrity features have encountered an average of 80% decreased usage from unverified and unsafe sources.
We persistently endeavor to enhance app safety on Play on a grand scale, such as through the Google Play SDK Index. This resource furnishes insights and information to assist developers in making well-informed judgments regarding an SDK’s security. The previous year, apart from incorporating 80 SDKs into the index, we closely collaborated with SDK and app developers to solve potential SDK security and privacy predicaments, contributing to the construction of more secure apps for Google Play.
Google Play’s layered defenses against malicious apps
To establish a reliable experience for all on Google Play, we use our SAFE principles as guidance, integrating evolving multi-layered protections to bolster the security of Google Play. These defenses begin with the developers themselves, who play a pivotal role in building secure apps. We equip developers with top-tier tools, best practices, and on-demand training resources for building secure, high-quality apps. Every app undergoes stringent evaluation and testing, and only approved apps are allowed to appear in the Play Store. Before downloading an app from Play, users can review its user feedback, ratings, and Data safety section on Google Play to make an informed decision. Once an app is installed, Google Play Protect, Android's built-in security protection, scans for malicious app behavior to protect the user's Android device.
Elevating Google Play Protect to bolster user safety on Android
While the Play Store ensures top-notch security, we are aware that users don't restrict themselves to downloading Android apps only from this platform. It is therefore imperative for us to safeguard Android users from broader mobile threats as well. To achieve this within an open ecosystem, we have made significant investments in advanced, real-time defenses that shield against scams, malware, and abusive apps. These smart security measures play a crucial role in maintaining the safety of users, user data, and devices, even when apps are sourced from various channels with varying security protocols.
Google Play Protect conducts automated scans on all Android apps leveraging Google Play Services, irrespective of their download sources. This built-in defense mechanism, which is activated by default, plays a pivotal role in shielding against malware and undesired software. Google Play Protect conducts over 200 billion app scans daily and executes real-time scanning at the code level for new apps to combat emerging and concealed threats, such as polymorphic malware. In 2024, Google Play Protect's real-time scans unveiled over 13 million new malicious apps originating from sources outside Google Play [1].
To tackle new threats effectively and safeguard users against deleterious apps that can lead to scams and fraudulent activities, Google Play Protect constantly evolves. Here are some recent enhancements now accessible globally on Android devices equipped with Google Play Services:
- Chrome reminder notifications on Android for Google Play Protect reactivation: An analysis revealed that over 95 percent of app installations from major malware categories exploiting sensitive permissions closely associated with financial fraud were initiated from Internet-sideloading platforms such as web browsers, messaging apps, or file management tools. To ensure users maintain protection while browsing the web, Chrome will display a notification reminder to reactivate Google Play Protect if it has been disabled.
- Enhanced defense against social engineering ploys: Scammers might coerce users into turning off Play Protect during calls to download harmful Internet-sideloaded apps. To prevent this scenario, the Play Protect app scanning switch is temporarily disabled during phone or video conversations. This safeguard is automatically activated during conventional phone calls and voice or video chats on popular third-party applications.
- Automatic withdrawal of app permissions for potentially harmful apps: Starting from Android 11, we have adopted a proactive stance towards data privacy by auto-resetting permissions for infrequently used apps. This ensures that apps can access only essential data and users can reinstate permissions if needed. Moreover, Play Protect now automatically withdraws permissions for potentially dangerous apps, limiting their access to sensitive data like storage, photos, and camera. Users retain the ability to restore app permissions at their discretion, with an added confirmation step for enhanced security.
Google Play Protect's enhanced fraud prevention trial analyzes and blocks app installations that may exploit sensitive permissions often used for financial fraud when users attempt to install such apps from Internet-sideloading sources (e.g., web browsers, messaging apps, or file managers).
Expanding on the success of our initial trial in collaboration with the Cyber Security Agency of Singapore (CSA), additional trials for enhanced fraud prevention now run in nine regions – Brazil, Hong Kong, India, Kenya, Nigeria, Philippines, South Africa, Thailand, and Vietnam.
In 2024, the enhanced fraud prevention trials by Google Play Protect have shielded 10 million devices from over 36 million risky installation attempts, involving more than 200,000 distinct apps.
By piloting these novel protections, we proactively combat evolving threats and enhance our strategies to thwart scammers and their increasingly advanced fraud tactics. We eagerly anticipate future collaborations with governments, ecosystem partners, and other entities to enhance user safeguards.
App labeling to assist users in swiftly identifying trustworthy apps on Google Play
In 2024, we unveiled a new badge for governmental developers to help users worldwide distinguish official government apps. Government apps are frequent targets of impersonation because of the sensitive user data they handle, and bad actors exploit this to steal identities and commit financial fraud. Badging verified government apps represents a significant step towards connecting individuals with secure, premium, valuable, and pertinent experiences. We maintain close partnerships with various global governments and are currently exploring avenues to expand on this initiative.
We also recently introduced a new badge to help Google Play users discover VPN apps that demonstrate a strong commitment to security. To earn the dedicated badge in the Play Store, a VPN app must adhere to Play's safety and security guidelines and pass an additional independent Mobile Application Security Assessment (MASA).
Collaborative efforts in advancing app security benchmarks
In addition to our collaborations with governments, developers, and other stakeholders, we partnered with industry peers to fortify the entire app ecosystem for all stakeholders. The App Defense Alliance, in collaboration with fellow steering committee members Microsoft and Meta, recently rolled out the ADA Application Security Assessment (ASA) v1.0, a new standard aimed at enabling developers to build more secure mobile, web, and cloud applications. This standard provides precise guidance on safeguarding sensitive data, defending against cyberattacks, and ultimately bolstering user confidence. It is a significant stride towards establishing universal security best practices for application development.
We urge all developers to review and adhere to the latest mobile security standard. You will witness this standard implemented for all carrier apps pre-installed on forthcoming Pixel phone models.
Future outlook
Throughout this year, we will persist in safeguarding the Android and Google Play ecosystem, building upon these tools and assets based on feedback from users and developers along with the evolving landscape. Our commitment remains unwavering in enabling developers to craft safer apps effortlessly, simplifying their policy experience, and shielding their ventures and users from malicious agents.
[1] Based on internal data from Google Play Protect in 2024.




