A new app update means a new APK Teardown here at AP. Today's victim is the Google Play Store, which was just freshly updated to 3.9.16. We've got all sorts of stuff to talk about.

A Built-In Malware Scanner

Yes, it's hard to believe, but Google is working on a malware scanner for the Play Store. The string file doesn't lie:

    <string name="package_malware_title">App Check</string>
    <string name="package_malware_consent_text">"Allow Google to check all apps installed to this device for harmful behavior?
To learn more, go to Settings > Security."</string>
    <string name="package_malware_banner_warning">Installing this app may harm your device</string>
    <string name="package_malware_banner_blocked">Installation has been blocked</string>
    <string name="package_malware_recommendation_warning">Google recommends that you do not install this app.</string>
    <string name="package_malware_recommendation_blocked">To protect you, Google has blocked the installation of this app.</string>
    <string name="package_malware_app_name">App name: "%s"</string>
    <string name="package_malware_checkbox_label">I understand that this app may be dangerous.</string>
    <string name="package_malware_consent_title">Verify apps?</string>

Apparently, there are two parts to this. There is something called  "App Check" that will allow Google to inspect every app you've already downloaded, and a doorman-style app blocker that will warn you if an app is suspicious. It also sounds like they will have a "shut up and download it" button, for people that like to live on the edge.

We reported earlier on Bouncer, Google's server-side Play Store malware cop, but this sounds like a new, client-side initiative, possibly the result of their recent acquisition of VirusTotal.

Besides the strings, there's new artwork, which is probably for this feature. The exclamation point signs are all separate pieces, each called some variation of "ic_warning_dark.png," and the shield is called "ic_shield_dark.png." Obviously the warning would be for unchecked stuff, and the shield would assure you everything is ok.

Wish List Progress

The wish list feature we told you about is coming along nicely. The APK has several different styles of buttons - it looks like the earlier "star button" design got canned. Their names are all variations of "ic_menu_market_wishlist.png," and "ic_menu_wish_off_dark.png." The layout file for this is called "wishlist_panel.xml," which immediately conjures up images of the Google+ or YouTube sidebar.

Is anyone else noticing that all the new art is white? I had to add the dark backgrounds, because white on white doesn't look too great. The thing is, the Play Store will have the same problem. I don't see where all this white iconography would fit into the Play Store's mostly-white design. So, since Google is giving us more light icons, I say, expect more dark backgrounds.

There is also ton of freshly-added text for wish lists:

<string name="content_description_wishlist_add">Include in wishlist</string>
<string name="content_description_wishlist_remove">Remove from wishlist</string>
<string name="wishlist_adding">Adding %1$s to wishlist</string>
<string name="wishlist_adding_backupstring">Adding to wishlist</string>
<string name="wishlist_removing">Removing %1$s from wishlist</string>
<string name="wishlist_removing_backupstring">Removing from wishlist</string>
<string name="wishlist_add_success">%1$s added to wishlist</string>
<string name="wishlist_remove_success">%1$s removed from wishlist</string>
<string name="wishlist_add_error">%1$s could not be added to wishlist</string>
<string name="wishlist_remove_error">%1$s could not be removed from wishlist</string>
<string name="my_wishlist_empty">There are no items in your wishlist. To add items, tap the bookmark whenever you see it in the menu above.</string>

Wish lists aren't done yet, there's still obvious missing code for things like the buttons, but it's good to see some progress.

Other Tidbits

Remember in my last APK Teardown, when I said Wallet was getting PayPal-style money storage? It sounds like the Play Store is in for the same thing. There is now mention of a "Google Play Balance":

<string name="topup_success">Added %1$s to Google Play balance.</string>
<string name="topup_not_available">Cannot add to balance, try again later.</string>
<string name="topup_choose_amount">Choose amount</string>

Let's just hope that the Play Store balance and Wallet balance are the same thing. Otherwise things would get confusing.

Update: Turns out the Play Store Balance isn't entirely new, it's what Google has been calling your gift card balance. The string text is still new though, so you'll soon be able to refill it from your device.

Thanks Rob!

And speaking of money, there is now a JCB (that's "Japan Credit Bureau") logo next to the other credit cards. I guess our Japanese readers will be happy about that.

One last thing, remember our multiple user account extravaganza? The Play Store is getting in on the action too:

<string name="app_already_installed_other_user">You cannot install this app because another user has already installed an incompatible version on this device.</string>

That is a strange error message, isn't it? Another user has installed an incompatible version? Meaning what? I guess some apps don't work with multiple users? I'd love to hear your ideas in the comments.

See you next update!