With recent scam apps incidents in mind, it might look like Google isn't very good at keeping malware and fraud out of the Play Store, but the company is hard at work to allow as little in as possible. It has shared today that thanks to security advancements, it could keep more than 790,000 policy-violating apps from entering the Play Store, and has also prevented more than 1.9 billion malware installs from sources outside of its distribution platform in 2019.
The company reiterates that it introduced its App Defense Alliance last year, an initiative that brought three security companies on board to Play Protect. The malware scanner has become more prominent on Android phones over recent years and also makes installing APKs outside of the Play Store safer. Google's policy for safeguarding kids apps is making the platform a better place, too. With these advancements and the aforementioned stats in mind, the company definitely has reason to celebrate.
But where there is light, there's also shadow. Google praises its much-hated 2018 policy that stops apps from accessing potentially private SMS and call log data and says that it has seen a 98% reduction of developers using the permission. It doesn't mention that the rule broke many apps that have previously relied on SMS access for core functionality, among them the increasingly desperate security app Cerberus. Google offers a form that developers can fill out to receive an exclusion, but only a few, mostly prominent apps (like Tasker) have been allowed access to the permission.
So, despite all the anti-malware improvements, there's still a lot of work ahead of Google if it wants to make the Play Store a safe, predictable place for customers and developers. In fact, the company's algorithms tend to remove trustworthy apps from the store for arbitrary reasons, and distressed developers' calls for help are often not answered until outlets like us cover the incidents. It feels like we come across these stories on an almost monthly basis.
At the same time, scammers can operate somewhat freely within the store thanks to loopholes that Google has trouble patching. We've covered applications in the UK's top chart that scam users into paid subscriptions by remotely loading a carrier billing-based code into their products after installation. A few apps also overcharge users for basic functionality using Play Store billing.
At least we know the company is open to its developers' feedback, and Google acknowledges that while "we are proud of what we were able to achieve in partnership with our developer community, we know there is more work to be done." It's committed to "building the world's safest and most helpful app platform will continue in 2020." Let's hope devs will be able to sleep much better in 2021, fully trusting that their apps won't be taken off the Play Store for arbitrary reasons while some obvious scams are still able to thrive.