Google on Monday said improved security processes helped to block 2.28 million privacy-violating applications from being published in its Google Play app store in 2023.
The company said investments in better security features, updated policies, advanced machine learning and application review processes, and strengthened developer onboarding helped in the battle against bad Android apps and actors trying to slip into the application storefront.
Enhanced safeguards allowed Google to identify bad actors and fraud rings more effectively, and to ban a total of 333,000 bad accounts from Google Play, for malware distribution and repeated severe policy violations.
Last year, Google rejected or requested remediation for close to 200,000 application submissions that used sensitive permissions, the internet giant says.
To improve user privacy, Google worked with SDK providers to reduce sensitive data access and sharing, with impact on more than 30 SDKs and over 790,000 applications.
The Google Play SDK Index, which provides information on the commercial software development kits on Google Play, has been expanded to cover toolkits used in almost 6 million Android applications.
The internet giant also said it is working with Microsoft and Meta, as part of the restructured App Defense Alliance (ADA) to foster the adoption of app security best practices and guidelines, as well as protections against emerging threats.
In line with Google’s push to improve user safety, VPN applications that complete a security review through ADA’s Mobile App Security Assessment (MASA) will be labeled accordingly in Google Play, to increase their visibility.
This enhancement adds to the real-time code scanning capability announced for Google Play Protect in October 2023, which will trigger when installing applications never scanned before, to warn users of potentially malicious software and protect them from emerging threats.
Leveraging ML algorithms, the enhanced protection has already helped the internet giant identify more than 5 million malicious applications distributed outside of Google Play. Additionally, updated policies regarding developer account creation and tightened testing requirements should ensure that more high-quality content is published in Google Play, the company added.
To further improve user privacy and security, applications that allow account creation are now required to allow account and data deletion from the application and online, and roughly 1.5 million applications that do not target the most recent Android APIs are no longer available to new users who updated to the latest Android iteration.
Related: VPN Apps on Google Play Turn Android Devices Into Proxies
Related: Two Apps Hosted on Google Play Sent User Data to Chinese Servers
Related: Spyware Found in Google Play Apps With Over 420 Million Downloads
Related: Google Blocked 1.4 Million Bad Apps From Google Play in 2022