Mar 25, 2014

How does Google determine that the apps on Google Play are safe?

One of the standard pieces of advice that is given about improving security and avoiding malicious apps on Android devices is to only download applications from a trusted source, which means Google Play, and to a lesser extent Amazon’s app store. But how does Google ensure that the apps on Play are safe? They obviously don’t have the time or inclination to perform a code review on every new app that is submitted. Do they do something similar to what an antivirus program does on a PC and scan them using heuristics?

Travis had a good answer, but this article might also be of interest to you.

Google to Verify Android Apps in JellyBean Update

"Users with Android 4.2 (Jelly Bean) devices will have the option of scanning apps installed on their devices to identify malicious apps, Google engineer Michael Morrissey wrote in a Google+ post on Wednesday. The new mechanism would complement the existing Bouncer technology, which scans apps as they are uploaded to Google Play to detect and remove malicious apps, by scanning apps as they are installed on the device.

"We will check for potentially harmful applications no matter where you are installing them from," wrote Morrissey, a member of the Android Security team."

Since 2011, Google has been scanning all apps with Bouncer as they are uploaded to Play and then randomly afterwards. Bouncer does two main things. First, it looks for matches to known malware signatures and, second, it runs the apps in sort of an Android VM to make sure they don’t do anything to take advantage of Android in a malicious way. I assume Amazon does something similar, but I don’t know for sure. You can read more about Google security measures on their security blog.