Earlier this week Google’s Andrew Ahn, Product Manager for Google Play, released the latest information describing Google’s efforts to slow or stop the spread of malicious apps via the Google Play Store. As the official source for apps for Android devices, Google goes to great lengths to try to keep bad apps out of the store – both for purposes of improving the operating system’s reputation with users and to keep users from looking elsewhere for apps. Ahn says the efforts undertaken by Google have cut in half the chance that a user may install a bad app while making it a less attractive target for bad actors.
During 2017, Ahn says Google took down more than 700,000 apps that were somehow violating Google Play policies or potentially creating problems for end users. That number is 70% more than what Google did in 2016 thanks to advances in AI and machine learning that help the tech giant be even more effective in dealing with the huge number of apps to be reviewed. Google says 99% of all bad apps were taken down before any user could even install them.
Along with specific apps, Google also turned its detection models to developers that were repeatedly trying to abuse the system. These efforts resulted in more than 100,000 developers losing access to the Play Store.
In looking at some of the types of apps that were taken down, one of the biggest groups was copycat apps. These apps try to ride on the success of legitimate apps to get users to install them inadvertently instead of the actual app they were looking for. Google says developers use a variety of methods to try to get their copycat apps into the Play Store. During the year, Google took down more than a quarter million apps for this reason.
Another area that saw lots of activity were those that Google determined contained inappropriate content. For Google, this includes things like pornography, extreme violence, hate and illegal activities. Google uses a two stage process for these takedowns, letting their machine learning models flag apps that may be in violation followed by a human review. Google says “tens of thousands” of these types of apps were removed.
Finally, Google says they reduced the install rate by 50 percent for apps identified as “potentially harmful applications.” These are those apps that may meet most user’s mental image of malware – an app that conducts fraud, acts as a trojan for malicious code, or phishes for user info. Google notes that the number of apps falling into this category is not large, but they are difficult to detect because the bad actors behind them go the “extra mile” to conceal the real purpose of the apps. One of the major tools that Google credits with progress in this area is the implementation of the Google Play Protect program.
Google acknowledges that despite their success, there are still cases where developers manage to avoid detection and get their malicious apps into the Play Store and ultimately into the hands of users. So the search for even better methods to put a stop to this continues.