Google works on improving Play Store security to keep malicious apps off Android phones

Google and its Android mobile platform have a problem. Even though Google Play Protect scans apps before you install them on your phone, a recent report from cybersecurity firm Kaspersky revealed that apps stuffed with malicious code were installed 600 million times on Android phones this year. If Google is doing all of this scanning, how is this possible? Let's take a look at a typical Android user. Let's call him Andy.

Andy is impressed by an ad he saw for an app in the Google Play Store that will allow him to edit his videos on-device, so he installs the app on his phone. A few weeks later, the developer (a totally made-up firm called Dewey, Cheetum, and Howe) pushes out an update to the previously benign app that adds the necessary permissions and code to steal the passwords used by Andy to open his financial apps; days later, Andy notices a few unauthorized withdrawals from his bank account.

First seen by AssembleDebug in the GApps Flags & Leaks Telegram channel (via AndroidPolice), Google has created a new onboarding UI for the Play Store. Leaked screenshots show that Android users like Andy may be asked to verify their identity and the method of payment used for in-app purchases. The verified information can be used to make sure that Andy doesn't accidentally install an app in the future with a hefty price tag, or mistakenly install an app loaded with malicious code.

For example, Android users can choose to require verification for all purchases made through the Google Play Store using a fingerprint or facial recognition. Users will have the option to add authentication preferences by using built-in Android security features, checking apps and the user's device using Play Protect, and securing purchases made via the Play Store by adding payment preferences.

If your Android phone is set up with the appropriate settings enabled, a download from the Play Store can be stopped immediately during the installation process if malicious code is detected. Last month, settings surfaced for a feature called Android Safe Browsing that would notify users of a threat in real time as they surfed the internet. This could end up being part of Google Play Protect.

While waiting for Google to make its Play Store security improvements official, users can require that all purchases made on the Play Store be authenticated. And Google Play Protect can, as noted earlier, scan the apps on your phone for malicious code.