Google Scans More Than 6 Billion Apps For Potential Malware Threat
In the latest Android Security 2015 Annual Report, Google reveals that the company is taking Android security very seriously and now scans around 400 million devices and 6 billion installed apps each day.
Last year, Google claimed that they have reduced the number of Potentially Harmful Apps (PHA) by half and this year's report is a huge jump from where it was in 2014.
In the last year, we've significantly improved our machine learning and event correlation to detect potentially harmful behavior.
- We protected users from malware and other Potentially Harmful Apps (PHAs), checking over 6 billion installed applications per day.
- We protected users from network-based and on-device threats by scanning 400 million devices per day.
- And we protected hundreds of millions of Chrome users on Android from unsafe websites with Safe Browsing.
- Data Collection: decreased over 40% to 0.08% of installs
- Spyware: decreased 60% to 0.02% of installs
- Hostile Downloader: decreased 50% to 0.01% of installs
According to Google, less than 0.15% of devices that only install apps from Google Play had contact with a PHA, while 0.5% of devices that use both Google Play and outside sources to install apps had installed a harmful app. Marshmallow brings new security protection, including full disk encryption, updated permission controls and verified boot.
Last year, we launched Android 6.0 Marshmallow, introducing a variety of new security protections and controls:
- Full disk encryption is now a requirement for all new Marshmallow devices with adequate hardware capabilities and is also extended to allow encryption of data on SD cards.
- Updated app permissions enable you to manage the data they share with specific apps with more granularity and precision.
- New verified boot ensures your phone is healthy from the bootloader all the way up to the operating system.
- Android security patch level enables you to check and make sure your device has the most recent security updates.
- And much more, including support for fingerprint scanners, and SELinux enhancements.
Google has making investments to strengthen protections across the ecosystem now and in the long run, by introducing the monthly public security update program, which provides monthly code updates patching vulnerabilities that have been discovered in the OS.
The company also admits that despite its efforts, many Android devices are still not receiving monthly updates as various OEM's and carriers are not providing updates to their devices, thanks to the fragmentation present in the Android ecosystem. Currently, only Google Nexus devices are getting timely updates making them most secure Android devices out there. Google promised that they are working with its partners and OEM to provide update in timely fashion.
Google is also planning to increase its ongoing efforts to improve Android's protections, and looking forward to engage with the ecosystem and security community in 2016 and beyond.