Security Experts:

Connect with us

Hi, what are you looking for?


Mobile & Wireless

Google Introduces Security Transparency Report for Android

Google last week added a quarterly Android Ecosystem Security Transparency Report to its Transparency Report site. 

Google last week added a quarterly Android Ecosystem Security Transparency Report to its Transparency Report site. 

The new report aims to provide users with additional insights into how often it detects devices with potentially harmful applications (PHAs) installed, based on routine, full-device scans performed by Google Play Protect. 

A built-in protection on Android devices, Google Play Protect currently scans over 50 billion apps every day, both from inside and outside of Google Play, the Internet search giant says. The purpose of these scans is to find PHAs, warn users on their presence, and disable or remove them. 

According to Google, the percentage of Android devices with PHAs on them was below the 1% mark in 2014 and has been steadily declining ever since. The trend continues throughout 2018 as well, the company says. 

As part of the new transparency report, users will be provided with PHA rates in three areas: market segment (whether a PHA came from Google Play or outside of Google Play), Android version, and country. 

“Google works hard to protect your Android device: no matter where your apps come from. Continuing the trend from previous years, Android devices that only download apps from Google Play are 9 times less likely to get a PHA than devices that download apps from other sources,” the company says.

Google reviews submitted apps before publishing them in Google Play, to confirm they comply with the storefront’s policies. A risk scorer is used to analyze apps and detect potentially harmful behavior and suspicious apps are flagged and referred to a security analyst for manual review. 

Apps the users download from outside of Google Play are also scanned, and devices are protected from threats arriving in this manner as well. 

The Android Ecosystem Security Transparency Report includes a market segment chart with the percentage of Android devices that have one or more PHAs installed over time. Information is provided on PHA rates for devices that either install exclusively from Google Play or from outside of Google Play as well.

“In 2017, on average 0.09% of devices that exclusively used Google Play had one or more PHAs installed. The first three quarters in 2018 averaged a lower PHA rate of 0.08%. […] In 2017, ~0.82% of devices that installed apps from outside of Google Play were affected by PHA; in the first three quarters of 2018, ~0.68% were affected,” Google explains. 

Newer Android versions are less affected by PHAs, due to continued platform and API hardening, security updates, and app security and developer training. Newer Android versions, Google also claims, are more resilient to privilege escalation attacks that were previously abused by PHAs to gain persistence and protect themselves against removal attempts. 

According to Google, PHA rates in the ten largest Android markets have remained steady, and the new transparency report includes a chart with PHA rates for the top 10 countries with the highest volume of Android devices. 

“India saw the most significant decline in PHAs present on devices, with the average rate of infection dropping by 34 percent. Indonesia, Mexico, and Turkey also saw a decline in the likelihood of PHAs being present on devices in the region. South Korea saw the lowest number of devices containing PHA, with only 0.1%,” Google explains.

Related: Google Reviews Over 50 Billion Android Apps Daily

Related: 700,000 Bad Android Apps Removed From Google Play in 2017

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...