Google announced in October the new real-time app scanning feature built into Google Play Protect that the company says can help catch malicious or fake sideloaded apps installed from outside the app store. These apps will morph their appearance or use AI to alter the apps’ code in a way that helps them avoid detection.
Google said this Play Protect feature now recommends a real-time app scan for any new app that has never been scanned before. This consists of a code analysis that will “extract important signals from the app and send them to the Play Protect backend infrastructure for a code-level evaluation.”
Android’s app store has billions of apps that Google screens for malware, though not always successfully. Many device owners also take to sideloading Android apps, which skirt the app store altogether and its many lines of defense. Sideloading remains a popular feature for Android users, even if it means having to trust that the app they are installing is not malicious.
One of the key reasons for Google to introduce its enhanced real-time code-level scanning feature is to counter the proliferation of predatory loan apps. These apps have resulted in the harassment of users, leading in some cases to victims taking their own lives. Bad actors gain access to user data, including contacts and photos, which are used to bully users. TechCrunch extensively covered the impact of predatory loan apps on Indian users. Google also said it took down over 3,500 such apps in the year for violating its policy requirements. Attackers still find ways to target their victims.
“Our policies are making it tougher for predatory apps to be listed on the Play Store. But the bad actors are inventive, and they are finding new ways to trick people and that is why we take additional measures,” said Saikat Mitra, Google’s head of trust and safety for APAC at the Google for India event in New Delhi last month, while announcing the update to Play Protect.