Story image

How Google secured more than two billion Android devices

Google recently released their annual Android security report. 

Despite all of the breaches across platforms last year Google remains optimistic about their progress at securing the nearly two billion Android devices out there. 

In May, they announced Google Play Protect, a new home for the suite of Android security services on nearly two billion devices. 

While many of Play Protect’s features had been securing Android devices for years, they wanted to make these more visible to help assure people that their security protections are constantly working to keep them safe.

Play Protect’s core objective is to shield users from Potentially Harmful Apps, or PHAs. 

Every day, it automatically reviews more than 50 billion apps, other potential sources of PHAs, and devices themselves and takes action when it finds any.

Play Protect uses a variety of different tactics to keep users and their data safe, but the impact of machine learning is already quite significant: 60.3% of all Potentially Harmful Apps were detected via machine learning, and they expect this to increase in the future.

Play Protect automatically checks Android devices for PHAs at least once every day, and users can conduct an additional review at any time for some extra peace of mind. 

These automatic reviews enabled Google to remove nearly 39 million PHAs last year.


Google also updates Play Protect to respond to trends that they detect across the ecosystem. 

For instance, they recognised that nearly 35% of new PHA installations were occurring when a device was offline or had lost network connectivity. ‘

As a result, in October 2017, Google enabled offline scanning in Play Protect, and have since prevented 10 million more PHA installs.

Devices that downloaded apps exclusively from Google Play were nine times less likely to get a PHA than devices that downloaded apps from other sources. 

Play Protect also doesn’t just secure Google Play, it helps protect the broader Android ecosystem as well. 
Thanks in large part to Play Protect, the installation rates of PHAs from outside of Google Play dropped by more than 60%.

Google also introduced a slew of new security features in Android Oreo: making it safer to get apps, dropping insecure network protocols, providing more user control over identifiers, hardening the kernel.


They highlighted many of these over the course of the year, but some may have flown under the radar. 

For example, they updated the overlay API so that apps can no longer block the entire screen and prevent you from dismissing them, a common tactic employed by ransomware.

On top of all of this, they also employ several security programs that revolve around finding and securing potential exploits.

New app conducts background checks on potential tenants
Landlords and house owners need to obtain a tenant’s full name, date of birth, email address, and mobile number in order to conduct the search. And most importantly, they have to get the tenant’s permission first.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Meet Rentbot, the chatbot that can help with tenancy law
If you find yourself in a tricky situation  - or if you just want to understand your rights as a landlord or tenant, you can now turn to a chatbot for help.
PlayerUnknown’s Battlegrounds (PUBG) finally releases on PS4
PUBG on PS4 feels like it’s still in Early Access as the graphics look horribly outdated and the game runs poorly too. 
How AI can fundamentally change the business landscape
“This is an extremely interesting if not pivotal time to discuss how AI is being deployed and leveraged, both in business and at home.”
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.