Google’s Android Security 2017 Year in Review report is out. The report which is the fourth in the series meant to educate the public on Android security success and failure stories showed that 60.3 percent of Potentially Harmful Apps (PHAs) were detected via machine learning. This is done by the Google Play Protect which they say scans through Android apps on billions of devices running Android 4.3 upwards uses machine learning to detect these potential threats. This is partly responsible for the removal of over 700,000 apps from the Play Store. “Play Protect’s core objective is to shield users from Potentially Harmful Apps, or PHAs. Every day, it automatically reviews more than 50 billion apps, other potential sources of PHAs, and devices themselves and takes action when it finds any” according to the report.
Before now, Play Protect required that devices be online in order to enjoy automatic detection of harmful applications but Google discovered that it was not as effective because about 35 percent of Potentially Harmful Apps (PHAs) were installed offline. This is why Google Protect in October 2017 got an offline scanning feature which allowed it continue to function even when a device is offline thereby preventing about 10 million more PHA installations.
Google adds that “Play Protect automatically checks Android devices for PHAs at least once every day, and users can conduct an additional review at any time for some extra peace of mind. These automatic reviews enabled us to remove nearly 39 million PHAs last year.”
On the Google Play Store versus third party app stores, Google said Android devices that download exclusively from the Play Store were 9 times less likely get PHA installs than those devices that used other stores. While this may sound strange to some because Android devices are supposed to ship with the Play Store right? Well there are places where users have to use third party stores to install Android apps while others use peer-to-peer methods to transfer such apps. Sometimes it is that the app is not officially available in a country but users find a way to get these apps using other methods.
On improving the security update process on Android devices, Google says it constantly works with phone makers to make sure the Android version running devices is up to date. This has led to a 30 percent increase in the number of devices that received security patches from 2016. In the same period, “no critical security vulnerabilities affecting the Android platform were publicly disclosed without an update or mitigation available for Android devices.”
Google also disclosed that it maintains a good relationship with security researchers and through the Android Security Rewards program, it paid researchers $1.28 million thereby making the total pay-out till date on the program in excess of $2 million. Rewards for exploits that compromise TrustZone or Verified Boot from $50,000 to $200,000, and remote kernel exploits from $30,000 to $150,000. External security completion attendance by its team members also played a role in its overall success last year.