New Play Protect features roll out on Android to protect against dangerous apps

Every year, Google shares some numbers on how many potentially harmful applications and/or policy-violating applications it kept off the Play Store. Today, the company revealed these numbers for 2024, and it also announced some new Play Protect features that will further protect users from malicious applications.

Google Play Protect, if you aren't aware, is a threat detection service that's built into the Google Play Store app. It functions like an antivirus service on PCs in that it scans every installed application for signs of potentially harmful behavior. When it detects such behavior, it labels the app responsible for it as a potentially harmful application. What actions it takes depends on how the app was installed and how many reports Google has received about the app; actions range from preventing an app install, asking the user to send the app for analysis, recommending the user to uninstall the app, and so on.

Over the years, Google has invested heavily in improving Play Protect's threat detection algorithms. Last year, Google rolled out improved machine learning algorithms for threat detection, resulting in greater detection of malicious apps that attempt to bypass detection, real-time threat detection without the use of the cloud, and more. In addition to these updates, Google also introduced a number of policy changes to the Play Store aimed at reducing permissions abuse. As a result, Google says it prevented 2.36 million "policy-violating apps" from being published, banned more than 158,000 "bad developer accounts" that attempted to publish harmful apps, and prevented 1.3 million apps from getting "excessive, unnecessary access" to sensitive user data.

To keep up with the sheer number of new apps and app updates it has to review, Google says it deployed more advanced AI algorithms in 2024 to streamline its review processes for developers with a "proven track record of policy compliance." The company says that over 92% of its human reviews for harmful apps are AI-assisted, allowing it to take "quicker and more accurate action" to prevent harmful apps from spreading on Google Play.

By leveraging Play Store policy updates and API level requirements, Google says that over 91% of app installs on the Google Play Store "now use the latest protections of Android 13 or newer." Meanwhile, apps that use Google's Play Integrity API are reportedly seeing 80% lower usage from "unverified and untrusted sources" on average. Speaking of "untrusted sources," Google says that its Play Protect service identified more than 13 million new malicious apps from outside the Google Play Store, reiterating the fact that Play Protect scans all apps on the device regardless of origin.

Lastly, Google revealed some of the new improvements to Play Protect that are now available globally on Android devices with the service installed. These include:

• Reminder notifications in Chrome on Android to re-enable Play Protect: If you try to sideload an app you download from the web using Google Chrome while Play Protect is disabled, the browser will display a reminder to turn Play Protect back on. Google says this reminder is necessary because, according to its research, more than 95% of app installations from "major malware families that exploit sensitive permissions highly correlated to financial fraud" came from Internet-sideloading sources like web browsers, messaging apps, or file managers.
• Additional protections during scam calls: Play Protect can now no longer be disabled while you're in a call, whether it be a traditional phone call or a voice/video call in a popular third-party app. The toggle to turn off Play Protect is temporarily disabled until the call is over. This is to prevent scammers from manipulating people over calls into turning off Play Protect and then subsequently luring them into sideloading malicious apps.
• Automatically revoking permissions for potentially dangerous apps: The Play Protect service will now automatically revoke permissions for potentially harmful apps, limiting said apps' access to sensitive data like files, photos, and the camera. Users can restore these permissions at any time, though they'll have to go through an extra confirmation step in order to do so.

• Expansion of enhanced fraud detection: Google Play Protect's enhanced fraud detection features are now available in Hong Kong, Kenya, Nigeria, the Philippines, South Africa, and Vietnam, joining Singapore, Thailand, Brazil, and India. These features analyze and automatically block the "installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source."

Google also highlighted its recent announcement of a "Verified" badge for select VPN apps.