Device security, and online security in general, may well be the most important and yet least considered element of your digital life. It’s not too hard to find a story discussing how many Android apps are “infected” or “malicious”. Nor is it hard to find someone to say how iOS is “safer” than Android. So what is Google doing to protect your safety online?
Google classifies such bad apps as Potentially Harmful Applications or PHAs and has a breakdown of different types of these PHAs. Some examples are:
- Backdoors: Apps that let hackers control your device, giving them unauthorised access to your data.
- Billing fraud: Apps that charge you in an intentionally misleading way, like premium SMS scams or call scams.
- Spyware: Apps that collect personal information from your device without consent
- Hostile Downloads: Apps that download harmful programs, often through bundling with another program
- Trojan Apps: Apps that appear benign (e.g., a game that claims only to be a game) but actually perform undesirable actions.
Before you even install an application Google’s Verify Apps system is preemptively scanning and checking every application before it is installed. If a PHA is detected it won’t install. Verify Apps doesn’t stop there, it will continue to check apps installed on your device, including those obtained from unofficial sources.
If an installed app is determined to be a PHA you will be prompted to remove the offending application from your device. This prevents apps from being updated in a way that avoids detection at the source but ultimately ends up being a PHA. In rare instances Verify Apps may even forcibly remove the application if it is determined to be purely malicious or difficult for users to remove.
If you want to check the Verify Apps service is working on our device simply go into the Google Setting on your device, head into Security then click on Verify Apps. There you will be able to see when it last ran, what apps it checked and how many apps have been checked in total.
Thanks to services like this, over 99% of all Android Devices in 2015 were free of all known PHAs. As the bad guys continue to evolve their tool bag of tricks to catch you so will Google evolve Verify Apps to catch them first. Of course, if you stick to installing apps only from official sources, i.e. the Google Play Store, then your likelihood of getting a PHA is very very low.