Google collaborates with security firms to get rid of bad Android apps

Google announces teaming up with mobile security companies to form the App Defense Alliance and keep bad apps away from the Play Store

Google informs users about forming an alliance with cybersecurity firms to keep the Play Store free from bad Android applications. Google announces^[1] that the company is forming an alliance with Lookout, ESET, and Zimperium to improve the Play Protect's malware detection to catch dangerous Android applications.^[2] The App Defense Alliance is going to bring the security industry together to keep the malicious actors away from customers, as Dave Kleidermacher claimed in the official blog post:

Fighting against bad actors in the ecosystem is a top priority for Google, but we know there are others doing great work to find and protect against attacks. Our research partners in the mobile security world have built successful teams and technology, helping us in the fight.

Right now, when the application creator submits the Android program to the official Play Store, Google employees scan the program with a system called Bouncer and Google Play protect. Previously Google claimed that those systems detect malicious applications, but recent incidents showed that malicious products like trojans or even ransomware can still slip through the protection.^[3]

App Defense Alliance works to get ahead of bad actors

Although Google claimed^[4] that only 0.04% of all the Android applications from Google Play were considered harmful, the problem remains serious since malware developers also got sneakier and more sophisticated when it comes to malware creation. Particular Android malware^[5] makers adopted various techniques helping to bypass the Bouncer and Play Protect scans. As the official report states, the industry is thriving, and popularity demands proper security measures.

Google tries to reduce the risk of application-based malware infections, so identifying new threats and protecting users from harmful products is key. Google Play protect detection system will be integrated with each partner's malware scanning engines. Thus the new method of risk intelligence is generated that is going to be used each time an application is qued to go to Play Store.

Hand-picked endpoint protection companies that offer products to protect mobile devices from malware combines their engines to increase the efficiency in identifying potential threats. Google made its research and chosen partners that are regularly recognized in various reports for their work and can share their knowledge to secure the world from malware attacks.^[6]

Is it possible to fight all malicious applications?

This is a great step forward, and App Defense Alliance with all the partners should offer better insights and detection. Applications now can be sent to Google Play Protect scanner service for analysis when ESET, Zimperium, or Lookout finds a potentially harmful application ins the wild.

The same analysis request can be sent to partners from the GPP scanner, so results can be shared and consolidated. This is how bad apps can be stopped from going live on the Play Store and affecting users all over the world from Android malware attacks.

However, the more applications Google takes down from the Play Store, the more malicious application developers become. Also, those people who got installed the program before its elimination remain affected, and at risk, so this is not fighting cyber threats. This is the method of keeping the Play Store a more secure source of mobile programs.