Google and CSA Singapore Combat Android Fraud With New Pilot

Written by

Google has launched a pilot program aimed at enhancing financial fraud protection for Android users in Singapore.

According to a new post published Tuesday by Eugene Liderman, the director of mobile security strategy at Google, the initiative stems from the company’s dedication to maintaining openness, transparency, safety and choice within the Android ecosystem. 

While Android offers users the freedom to download apps from various sources, including the Google Play Store and third-party platforms, the safety of apps can vary depending on the download source.

To address security concerns associated with standalone app distribution sources like web browsers and messaging apps, Google introduced enhanced real-time scanning through Google Play Protect in October 2023. 

This feature aims to detect and block malicious apps, particularly those downloaded from the internet, thereby enhancing user safety. Since its deployment in select regions, the real-time scanning has reportedly identified over half a million new malicious apps and issued millions of warnings.

Read more on this feature: Google Play Protect Bolsters Security Against Malicious Apps

Acknowledging the pervasive threat of financial fraud scams, Liderman said Google is now collaborating with the Cyber Security Agency of Singapore (CSA) to pilot enhanced fraud protection in the country. 

This initiative targets the prevention of mobile financial fraud by automatically blocking the installation of apps that request sensitive runtime permissions commonly abused by fraudsters. These permissions include RECEIVE_SMS, READ_SMS, BIND_Notifications and Accessibility, which are frequently exploited to intercept passwords and spy on on-screen content.

 “The fight against online scams is a dynamic one. As cybercriminals refine their methods, we must collaborate and innovate to stay ahead,” commented Chua Kuan Seah, deputy chief executive of CSA. “Through such partnerships with technology players like Google, we are constantly improving our anti-scam defenses to protect Singaporeans online and safeguard their digital assets.”

Developers are encouraged to review their apps’ permissions and ensure compliance with best practices to mitigate potential impacts from apps targeting the Android ecosystem.

What’s hot on Infosecurity Magazine?