Google is making it harder for malicious developers to get their software published on its Play store, while removing large volumes of bad accounts, it claimed in an update yesterday.
The tech giant said it removed 173,000 bad accounts in 2022 and raised the bar for new developers by adding phone, email and “other identity verification methods.”
This helped the firm to reduce the number of accounts used to publish apps that violate its policies. Google said it prevented 1.43 million of these apps from being published on the Play marketplace.
All told, Google estimated that it prevented $2bn in “fraudulent and abusive” transactions.
“We continued to partner with SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over one million apps on Google Play,” it added in a blog post.
Thanks to stronger Android platform protections and policies, and developer outreach and education, Google said it also prevented around 500,000 submitted apps from unnecessarily accessing sensitive permissions over the past three years.
In fact, developer outreach appears to be an increasingly important part of Google’s efforts to make the Android ecosystem safe for users.
To that end, last year Google launched an App Security Improvements program which it claimed helped developers fix 500,000 security weaknesses impacting 300,000 apps with around 250 billion installs.
A Helpline pilot was also launched in 2022 to give developers assistance with policy queries, while a new Google Play Developer Community, also in pilot, is intended to provide a platform for developers to discuss policy challenges and share best practices.
“We also launched the Google Play SDK Index to help developers evaluate an SDK’s reliability and safety and make informed decisions about whether an SDK is right for their business and their users,” the tech giant added. “We will keep working closely with SDK providers to improve app and SDK safety, limit how user data is shared, and improve lines of communication with app developers.”
However, despite Google’s best efforts, malicious apps continue to make their way with alarming frequency onto the Play store. Most recently, McAfee discovered dozens of Minecraft games containing HiddenAds Trojan malware.