And banned over 190,000 spammy developer accounts
In a bid to provide Android users a safer experience on the Play Store, Google made a ton of changes over the last year. The company has highlighted some of these changes in a recent blog post and explained how they protect users from malicious apps and developers on the Play Store.
According to Steve Kafka and Khawaja Shams from the Android Security and Privacy team, Google introduced multiple privacy-focused features last year, enhanced protection against malicious apps and developers, and improved SDK data safety. In addition, the company continued to improve its machine learning systems and review processes, which helped it block 1.2 million privacy-violating apps from being published on the Play Store. The company’s efforts to combat malicious and spammy developers have also resulted in over 190,000 accounts being banned in 2021.
Last year, Google also announced the new Data safety section for the Play Store, which helps developers provide users an insight into the privacy and security practices their apps follow. The Data safety section launched on the Play Store this week, and developers are now required to update the section for their apps by July 20.
Furthermore, Google also partnered with SDK developers to improve app safety, limit how data is shared, and improve lines of communication with app developers. The company notes that “SDKs provide functionality for app developers, but it can sometimes be tricky to know when an SDK is safe to use. Last year, we engaged with SDK developers to build a safer Android and Google Play ecosystem. As a result of this work, SDK developers have improved the safety of SDKs used by hundreds of thousands of apps impacting billions of users. This remains a huge investment area for our team, and we will continue in our efforts to make SDKs safer across the ecosystem.”
Google says that the best way to ensure data safety is to limit access to it in the first place. To that end, the company introduced new platform protections and policies that reduced access to sensitive APIs and user data for 98% of apps migrating to Android 11 or higher. It has also disallowed the use of Accessibility APIs in apps migrating to Android 12, killing third-party call recording apps in the process.
The blog post further mentions the Advertising ID changes Google introduced last year, which disallowed the collection of Advertising ID (AAID) and other device identifiers from all users in apps solely targeting children. The company also introduced an option to help users easily delete their Advertising ID entirely.
For Google Pixel users, the company introduced an additional set of features, like the Security hub. For the unaware, the Security hub on Pixel devices helps protect your phone, apps, Google Account, and passwords by giving you a central view of your device’s current configuration. Lastly, the blog post highlights new machine learning models used on Pixel devices that improve the detection of malware in Google Play Protect. The detection runs on your Pixel and uses a privacy-preserving technology called federated analytics to discover bad apps.
Did you know about all these security and privacy changes that Google introduced last year? Have you tried out any of the features mentioned above? Let us know in the comments section below.