Play Protect, a suite of Android security services that Google introduced in May 2017, played a big role in bolstering overall security of the Android ecosystem last year.
That’s according to Google, which on March 15 released its fourth annual report reviewing the steps it has been taking to improve the security of its mobile operating system.
Play Protect is designed to keep Android users safe from potentially harmful applications (PHAs) on their devices and in the Google Play mobile app store. The technology works by automatically scanning Android devices at least once a day and removing any PHAs on them.
Such scans helped Google remove some 39 million PHAs installed on user devices last year, said Dave Kleidermacher, vice president of security for Android, Play, ChromeOS at Google, in a blog summarizing the efforts. Play Protect also helped Google scan 65 percent more apps in its Play store for potential malware and other threats compared with 2016, he said.
Improved mechanisms for vetting applications uploaded to Play also ensured that people who downloaded software from the official app store were nine times less likely to be infected with a PHA compared with Android users who downloaded applications from third-party app stores.
“Thanks in large part to Play Protect, the installation rates of PHAs from outside of Google Play dropped by more than 60 percent as well,” Kleidermacher said.
Google’s work to shore up Android security included collaborating with several device manufacturers to ensure they had up-to-date versions of Android running on their devices. Google also focused on improving the process for releasing security updates and ensuring more devices received the patches, Kleidermacher said without offering any specific details.
As a result of Google’s efforts, 30 percent more Android devices received security patches last year compared with 2016, he said. It is unclear though what proportion of the two billion or so installed Android devices overall received security patches, or how quickly those patches were installed after release.
The security patching issue is a big challenge for Google. Many Android device manufacturers and carriers around the world have no standard policies for updating the operating system versions on their devices or issuing security patches to the devices. So a large proportion of Android devices are usually running outdated versions of the OS and are unpatched against serious vulnerabilities at any given time.
Google’s Android Version 8.1 Oreo released last August introduced a lot of new security features as well, Kleidermacher said. These included protections against the installation of apps from unknown or untrusted sources, kernel hardening and the elimination of support for insecure network protocols. With Oreo, Google also introduced a feature that prevents apps from blocking the entire screen—a measure designed to protect against ransomware.
Google’s Android Security Rewards program played a role in improving ecosystem security as well, Kleidermacher said. By increasing bounties for responsible vulnerability disclosure, Google was able to ensure that no critical security vulnerabilities were publicly disclosed without an update becoming available for it first, he noted.
