With the growing popularity of mobile apps, the number of malicious apps that can harm users’ devices or steal their data has risen. To combat this issue, Google has been investing in machine learning systems and app review processes to identify and prevent policy-violating apps from being published on Google Play. Google recently announced that it prevented 1.43 million policy-violating apps from being published on Google Play in 2022.
How Google prevents ad-fraud
Google has been hard at work to combat malicious developers and fraud rings, banning 173,000 bad accounts and preventing over $2 billion in fraudulent and abusive transactions. To ensure that the Play ecosystem remains safe for users, Google raised the bar for new developers to join by introducing phone, email, and other identity verification methods. This has resulted in a reduction of accounts publishing violative apps.
Google also partnered with SDK providers to limit sensitive data access and sharing, thereby enhancing the privacy posture for over one million apps on Google Play.
The company prevented 500,000 submitted apps from unnecessarily accessing sensitive permissions over the past three years through strengthened Android platform protections and policies.
New tools supporting developers
In an effort to build trust with developers, Google has made a concerted effort to provide the tools, knowledge, and support necessary for developers to create secure and trustworthy apps that prioritize user data security and privacy.
To that end, in 2022, Google launched the App Security Improvements program to help developers fix approximately 500,000 security weaknesses affecting around 300,000 apps with a combined install base of approximately 250 billion installs. This program was designed to help developers build better apps by identifying and addressing vulnerabilities and improving overall security.
Google app security efforts
Source: Google
To fight fraudulent and malicious ads, Google updated its ad policy for developers, providing guidelines that improve in-app user experience and prohibit unexpected full-screen interstitial ads. Google Play Store also launched a data safety section last year to enhance transparency in data collection and sharing practices.
The store became the first commercial app store to display a badge for any app that has completed an independent security review through App Defense Alliance’s Mobile App Security Assessment, which leverages OWASP’s Mobile Application Security Verification Standard. Additionally, the App Defense Alliance expanded its membership to reduce app-based malware risks.
For Pixel users, Google added more powerful security and privacy features to keep them safe. The security and privacy settings launched for all Pixel devices running Android 13, and Private Compute Core allows Pixel phones to detect harmful apps in a privacy-preserving way.
Key takeaways
- Google prevented 1.43 million policy-violating apps from being published on Google Play in 2022
- It implemented measures such as identity verification, platform protections, and ad policy updates to combat ad fraud and malicious developers
- It launched initiatives such as the App Security Improvements program and the data safety section to support developers and enhance transparency for users