Holding Google Play protected for customers and builders stays a prime precedence for Google. Google Play Defend continues to scan billions of put in apps every day throughout billions of Android gadgets to maintain customers protected from threats like malware and undesirable software program.
In 2022, we prevented 1.43 million policy-violating apps from being printed on Google Play partially because of new and improved security measures and coverage enhancements — together with our steady investments in machine studying programs and app evaluate processes. We additionally continued to fight malicious builders and fraud rings, banning 173K unhealthy accounts, and stopping over $2 billion in fraudulent and abusive transactions. We’ve raised the bar for brand new builders to be a part of the Play ecosystem with telephone, e mail, and different id verification strategies, which contributed to a discount in accounts used to publish violative apps. We continued to associate with SDK suppliers to restrict delicate knowledge entry and sharing, enhancing the privateness posture for over a million apps on Google Play.
With strengthened Android platform protections and insurance policies, and developer outreach and training, we prevented about 500K submitted apps from unnecessarily accessing delicate permissions over the previous 3 years.
Developer Assist and Collaboration to Assist Preserve Apps Protected
Because the Android ecosystem expands, it’s vital for us to work carefully with the developer group to make sure they’ve the instruments, data, and assist to construct safe and reliable apps that respect consumer knowledge safety and privateness.
In 2022, the App Safety Enhancements program helped builders repair ~500K safety weaknesses affecting ~300K apps with a mixed set up base of roughly 250B installs. We additionally launched the Google Play SDK Index to assist builders consider an SDK’s reliability and security and make knowledgeable selections about whether or not an SDK is correct for his or her enterprise and their customers. We are going to maintain working carefully with SDK suppliers to enhance app and SDK security, restrict how consumer knowledge is shared, and enhance traces of communication with app builders.
We additionally lately launched new options and assets to provide builders a greater coverage expertise. We’ve expanded our Helpline pilot to provide extra builders direct coverage telephone assist. And we piloted the Google Play Developer Neighborhood so extra builders can talk about coverage questions and alternate greatest practices on the best way to construct protected apps.
Extra Stringent App Necessities and Tips
Along with the Google Play options and insurance policies which are central to offering a protected expertise for customers, every Android OS replace brings privateness, safety, and consumer expertise enhancements. To make sure customers notice the complete advantages of those advances — and to take care of the trusted expertise folks anticipate on Google Play — we collaborate with builders to make sure their apps work seamlessly on newer Android variations. With the brand new Goal API Degree coverage, we’re strengthening consumer safety and privateness by defending customers from putting in apps that won’t have the complete set of privateness and security measures supplied by the newest variations of Android.
This previous yr, we rolled out new license necessities for private mortgage apps in key geographies – Kenya, Nigeria, and Philippines – with extra stringent necessities for mortgage facilitator apps in India to fight fraud. We additionally clarified that our impersonation coverage prohibits the impersonation of an entity or group – serving to to provide customers extra peace of thoughts that they’re downloading the app they’re on the lookout for.
We’re additionally working to assist struggle fraudulent and malicious advertisements on Google Play. With an up to date advertisements coverage for builders, we’re offering key pointers that can enhance the in-app consumer expertise and prohibit surprising full display interstitial advertisements. This replace is impressed by the Cellular Apps Experiences – Higher Advertisements Requirements.
Enhancing Knowledge Transparency, Safety Controls and Instruments
We launched the Knowledge security part in Google Play final yr to provide customers extra readability on how their app knowledge is being collected, shared, and guarded. We’re excited to work with builders on enhancing the Knowledge security part to share their knowledge assortment, sharing, and security practices with their customers.
In 2022, the Google Play Retailer was the primary industrial app retailer to acknowledge and show a badge for any app that has accomplished an impartial safety evaluate by way of App Protection Alliance’s Cellular App Safety Evaluation (MASA). The badge is displayed inside an app’s respective Knowledge Security part. MASA leverages OWASP’s Cellular Software Safety Verification Customary, which is essentially the most broadly adopted set of safety necessities for cell purposes. We’re seeing robust developer curiosity in MASA with broadly used apps throughout main app classes, e.g., Roblox, Uber, PayPal, Threema, YouTube, and plenty of extra.
This previous yr, we additionally expanded the App Protection Alliance, an alliance of companions with a mission to guard Android customers from unhealthy apps by way of shared intelligence and coordinated detection. McAfee and Development Micro joined Google, ESET, Lookout, and Zimperium, to cut back the chance of app-based malware and higher defend Android customers.
We’ve additionally continued to reinforce protections for builders and their apps, equivalent to hardening Play Integrity API with KeyMint and Distant Key Provisioning.
Bringing Steady Safety and Privateness Enhancements to Pixel Customers
For Pixel customers, we added extra highly effective options to assist maintain our customers protected. The new safety and privateness settings have been launched to all Pixel gadgets working Android 13, bettering the safety and privateness posture for thousands and thousands of customers’ world wide each month. Personal Compute Core additionally permits Pixel telephones to detect dangerous apps in a privateness preserving manner.
Trying Forward
We stay dedicated to maintaining Google Play and our ecosystem of customers and builders protected, and we stay up for many thrilling safety and security bulletins in 2023.
