Google blocked 2.28 million policy-violating apps from being published on the Play Store in 2023, thanks to improved security measures and tighter developer vetting processes. The company rejected or had developers remediate almost 200,000 app submissions to prevent abuse of sensitive permissions like location tracking and SMS access.
The company says providing a safe and trusted Play Store experience is its top priority, underpinned by principles to “safeguard users”, “advocate for developer protection”, “foster responsible innovation”, and “evolve platform defences” against emerging threats.
In addition to blocking millions of policy violations, Google banned 333,000 bad actor accounts involved in confirmed malware distribution and other severe violations. New developer verification requirements like DUNS numbers for organisations aim to increase trust and transparency.
The company partnered with SDK providers to limit apps’ access to sensitive device data and expanded its SDK Index to cover almost 6 million apps—helping developers make better integration choices to boost quality and security.
Google joined forces with Microsoft and Meta in the restructured App Defense Alliance under the Linux Foundation to support adoption of app security best practices across the industry. It also launched Play Store labelling to highlight VPN apps verified through the Alliance’s independent security review.
To protect users installing apps outside the Play Store, Google Play Protect received stronger real-time scanning capabilities to detect malicious code. This identified over five million new malicious apps not distributed via the official store.
Policy updates covered generative AI apps, disruptive notifications, and expanded privacy protections. Apps enabling account creation must now provide in-app and web options to delete accounts and personal data on request.
Around 1.5 million apps not targeting recent Android APIs were made unavailable to new users updating to the latest OS version as an added safeguard.
Looking ahead to 2024, Google says it will remove Play Store apps not transparent about privacy practices. The company also filed a lawsuit against crypto scammers who defrauded users after misrepresenting their malicious apps during the upload process.
“Protecting users and developers on Google Play is paramount and ever-evolving,” explained Google. “We’re constantly working on new ways to protect your experience on Google Play and across the entire Android ecosystem.”
(Photo by Nik Shuliahin)
See also: GitHub’s 2FA rollout boosts supply chain security
Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London. The comprehensive event is co-located with other leading events including BlockX, Digital Transformation Week, IoT Tech Expo and AI & Big Data Expo.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
Google’s commitment to ensuring a safe and trusted Play Store experience is commendable. The strides made in 2023, including blocking millions of policy-violating apps and banning bad actor accounts, demonstrate a proactive approach to maintaining security and integrity.
The introduction of new developer verification requirements and partnerships with SDK providers reflect Google’s dedication to increasing transparency and enhancing app quality and security. Collaboration with industry leaders in the restructured App Defense Alliance further strengthens the ecosystem’s defenses against emerging threats.
I’m particularly impressed by Google’s focus on protecting users installing apps outside the Play Store, with enhancements to Play Protect’s scanning capabilities. This proactive approach to detecting and preventing malicious code is crucial in safeguarding users’ devices and data.
Moreover, the policy updates regarding privacy practices and account deletion options demonstrate a commitment to user privacy and empowerment.
Looking ahead to 2024, Google’s plans to remove Play Store apps lacking transparency about privacy practices and taking legal action against crypto scammers reaffirm its dedication to user protection and trust.
As a platform striving for continuous improvement, Google’s efforts to evolve and adapt to emerging threats are vital in maintaining a safe and secure Play Store environment for users and developers alike.
I applaud Google’s ongoing efforts to prioritize user and developer safety, and I look forward to seeing further advancements in app security and privacy in the year ahead.