It’s that time of year again: Google published its annual Android Security & Privacy Year in Review, the holistic report detailing the ways the Mountain View company has made the over 2 billion devices running Android more secure. It’s a massive tome totaling 30 pages, but a few metrics stand out.
Google says that Google Play Protect, Android’s AI-driven built-in defense mechanism that scans over 50 billion apps every day on-device and upwards of 500,000 in the cloud, substantially cut down on the number of Potentially Harmful Applications (PHAs) in Google Play. Last year, only 0.08 percent of devices that used Google Play exclusively for app downloads were affected by PHAs, and even devices that installed apps from outside of Play — 0.68 percent of which were affected by one or more PHAs, down from 0.80 percent in 2017 — saw a 15 percent reduction in malware.
In fact, Play Protect prevented 1.6 billion PHA installation attempts from outside of Google Play in 2018, Google says. Installation attempts outside of Google Play fell by 20 percent from the previous year, and 73 percent of PHA installations were successfully stopped compared with 71 percent in 2017 and 59 percent in 2016.
In all, 0.45 percent of Android devices running Play Protect installed PHAs in 2018 compared with 0.56 percent of devices in 2017, equating to a 20 percent year-over-year improvement. Moreover, Google says, the ratio of PHA installs to total installs decreased by roughly 38 percent from the year prior.
Play Protect isn’t the only tool that’s aided in the fight against PHAs. Build Test Suite (BTS) — a service that scans for preinstalled PHAs across software builds for partner OEM devices with Google services — prevented 242 builds with PHAs from entering the ecosystem, and Google claims that it’s helped over 300,000 developers remediate more than 1,000,000 apps to date.
Another change that made a difference? New alerts from Google Play that warn users about mobile unwanted software (MUwS) installed outside of Google Play. MUwS apps aren’t strictly malware, but they surreptitiously collect data like phone numbers, email addresses, info about installed apps, and third-party account data. Google says that the share of install attempts coming from MUwS apps declined from 2.09 percent in 2017 to 0.75 percent in 2018.
Also worth noting: Security updates generally made their way to devices at a higher frequency than in previous years. The fourth quarter of 2018 had 84 percent more devices receiving a security update than in the same quarter the prior year, and as of December 2018, over 95 percent of Google Pixel 3 and Pixel 3 XL devices were running a security update from the past 90 days.
Lastly, Google made inroads in combating preinstalled PHAs. It says that now, every new Android-certified device goes through the same app scanning process as apps on Google Play, and that its security scanner “looks for other common security and privacy issues” and denies device certification until manufacturers fix glaring problems. And in 2018, it increased its payouts to security researchers — they surpassed $3 million in total.
Taken together, last year’s efforts tangibly impacted the ecosystem for the better, Google says. It reports that 0.92 percent of sideloaded apps were PHAs, compared to 1.48 percent in 2017, and that all PHA categories saw “strong declines” outside Google Play.