Android, known for its open ecosystem, presents unique security challenges compared to the more closed iOS environment. While Google has incorporated numerous security measures into its Play Store, ensuring apps from this platform are relatively secure, a significant security concern arises from the practice of sideloading apps and games from untrusted sources. In response to this issue, Google is taking steps to enhance Android’s security.
Google is set to bolster its Play Protect service by introducing real-time app scanning at the code level. When users install an app via an APK file sourced from untrusted locations outside the Play Store, the app will undergo an initial scan to assess its integrity. This scan generates data that is then relayed to Play Protect’s backend for in-depth code-level evaluation. Beyond identifying known threats, this system is equipped to identify emerging security risks.
The process is initiated when a user tries to install an APK file, triggering a prompt presenting two options: “Scan App” or “Don’t Install App.” Following the scan, Google provides users with a reason for the decision, whether to proceed or not. The implementation of this new security feature commences in India and will gradually expand to other regions.
It’s noteworthy that Google Play scans a staggering 125 billion apps daily, and when apps are identified as risky, they can be entirely disabled to protect users from potential security threats.