Google this week announced a pilot feature designed to improve Android’s protections against financial fraud attacks.
Part of Google Play Protect, the enhanced fraud protection will block the installation of sideloaded applications that request sensitive runtime permissions that are frequently abused by fraudsters.
The feature will analyze attempts to install applications from internet-sideloading sources, such as browsers, file managers, or messaging applications, inspecting the permissions the app declared in real-time, specifically looking for four requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility.
“These permissions are frequently abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on screen content,” Google notes.
According to the internet giant, more than 95% of the fraud malware families typically requesting these permissions are installed from sideloading sources.
The enhanced fraud protection in Google Play Protect will pilot in Singapore on Android devices with Google Play Services, in partnership with the Cyber Security Agency of Singapore (CSA), after being tested by the Singapore government.
“During the upcoming pilot, when a user in Singapore attempts to install an application from an Internet-sideloading source and any of these four permissions are declared, Play Protect will automatically block the installation with an explanation to the user,” Google explains.
The internet giant says it will work with CSA on monitoring the results of the pilot to assess impact and make adjustments, and that it will also assist the agency with detection and analysis, through sharing malware insights and techniques.
Developers are advised to review the permissions their applications request, to ensure that they only ask for the permissions they need and that they do not violate the Mobile Unwanted Software principles.
“Always ensure that your app does not engage in behavior that could be considered potentially harmful or malware,” the internet giant points out.
Google cites the Global Anti-Scam Alliance’s 2023 state of scams report, which claims financial fraud losses surpassed $1 trillion, with 78% of mobile phone users experiencing at least one scam over the past year and 45% noting an increase in scams.
The enhanced fraud protection pilot program comes roughly four months after Google Play Protect got real-time code scanning for applications never installed before, to alert users of previously unseen potentially harmful software.
“As a result of the real-time scanning enhancement, Play Protect has identified 515,000 new malicious apps and issued more than 3.1 million warnings or blocks of those apps,” Google says.
Related: Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities
Related: Chameleon Android Malware Can Bypass Biometric Security
Related: Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users
