Android’s Play Store has a reputation for hosting “dangerous and malicious” apps, which is a bit unfair. The real danger comes from sideloading apps that bypass Play Store protections, so Google can tell that apps you’re sideloading are actually malicious before they’ve even finished installing. We are rolling out extensions.
Play Store is a very safe place to get Android apps in most cases. Google does a good job of weeding out malicious actors (similar to Apple’s App Store), even if a few occasionally slip through. However, Android has a potential sideloading vulnerability that iPhone does not currently have. You can bypass the Play Store and get apps from other sources, such as Amazon’s app store or direct download.
Malicious actors have taken notice, and malware is increasingly spread through sideloading, especially messaging apps. Previously, when you sideloaded an app, Android apps would check it against a list of known malicious apps and issue a warning if a match was found. But that was the extent of the protection you got when you bypassed the Play Store.
Now, Google is taking it a step further, starting with India. When a user sideloads an app, Android performs a “real-time code-level scan” of the app for potential issues before the installation is complete. It starts with the usual process of checking against a list of known malicious apps, but if it turns out that this is an app that hasn’t been scanned yet, you’ll be offered to run a test. It’s up to you whether you want to start the scan or not.
Editor’s picks
Once the scan is complete, you’ll be notified if the app is safe to install or if and what potential issues were found. To be safe, you can abort the installation at that point. Google says the new feature will be rolled out in various countries in the coming months.
Like what you’re reading?
Apply security watch A newsletter that delivers the top privacy and security articles straight to your inbox.
This newsletter may contain advertisements, deals or affiliate links. By subscribing to our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe from the newsletter at any time.