Google has hit back at claims its Android mobile platform is riddled with security issues, arguing in a new report that fewer than 1% of Android devices had a potentially harmful app (PHA) installed in 2014.
Android Security lead engineer Arian Ludwig said in a blog post that the web giant had produced the new report to give users an insight into the behind-the-scenes work Google has been doing to improve the security of the mobile OS.
“Android offers an application-focused platform security model rooted in a strong application sandbox,” he added.
“We also use data to improve security in near real time through a combination of reliable products and trusted services, like Google Play, and Verify Apps. And, because we are an open platform, third-party research and reports help make us stronger and users safer.”
Google Play conducts 200 million scans of Android devices each day, protecting over one billion smartphones and tablets around the world, he claimed.
As for PHAs, fewer than 0.15% of devices that limit their downloads solely to Play had one installed last year, Ludwig continued, adding that the worldwide rate of PHA installs dropped by almost half from Q1 to Q4.
UK and US users also saw a 75% decrease in the rate of installation of PHAs from outside Google Play in 2014, the report found.
Spyware declined throughout the year, as did ransomware, although there was a large spike in activity for the latter towards the end of 2014, the report found.
Newer versions of Android (4.4 and the preview of 5.0) contain security enhancements such as improved authentication and disk encryption.
For those downloading apps from outside Google Play there’s the Verify Apps service, and for the official marketplace Google recently introduced a new manual review policy to scan each app for “potentially harmful behavior and ongoing protection.”
Although there were no critical vulnerabilities found in the Android platform last year, Google patched 30 high-severity flaws, 41 moderate and 8 low-severity.