Seeking to protect 3 billion users from malware attacks, Google Play Protect scans 200 billion Android apps every day. Back in May, during Google I/O,
the company announced a new security feature that it said would be coming with
Android 15. Google Play’s live threat detection will use Google Play Protect’s AI capabilities to keep an eye on an app’s request for sensitive permissions and how these apps interact with other apps and services.
If live threat detection spots something suspicious, the app is sent to Google for review and users will be warned. If this review confirms that the app is malicious, Google will then disable the app. Interestingly, the testing done to look for suspicious behavior is conducted on-device using a system that preserves users’ privacy. This is done via the use of Google’s Private Computer Core which allows Google to “protect users without collecting data.” This is a cloud-based service that uses cryptography to enable secure and private computations of sensitive data.
Before the end of the year, Google’s live threat detection will be found in Android handsets made by Google Pixel, Honor, Lenovo, Nothing, OnePlus, Oppo, Sharp, Transsion, and other manufacturers. This feature should cut down on the abuse of permissions by attackers looking to steal personal data from device owners by getting permission to use a phone’s microphone, camera, and more to complete that task.
Permission prompt received by Android user when an app requests a dangerous permission. | Image credit-Google
Last month we passed along a report from Cyber News
that listed the 50 most dangerous apps in the Google Play Store based on the number of dangerous permissions each app requests. Google Messages and Facebook were among the top five apps on that list. The top five dangerous permissions requested by these apps include:
- Post Notifications
- Write external storage
- Read external storage
- Camera and Record Audio (tie)
- Read media images
Google last month
asked developers to submit a form “If your app requests the use of high-risk or sensitive permissions (for example, SMS or Call Log). If so, Google says that developers “may be required to complete the Permissions Declaration Form and receive approval from Google Play.” The form must be submitted by the end of this month. If the form is not received in time, developers will be blocked from updating their apps in the Play Store.
According to Forbes, Google might give some apps until the end of the year to straighten out their code.