In a recent blog post, Google has revealed that since its launch five years ago, the Application Security Improvement Program has helped over 300,000 developers identify and fix issues with more than a million apps on Google Play. 75,000 apps that posed a potential security risk were identified last year alone.
Before getting published on the Google Play Store, apps submitted by developers are scanned for vulnerabilities under the Application Security Improvement Program. If no issues are found, the app is subjected to the routine tests before appearing on Google Play. However, if there is a problem, the app is flagged to the developer, who is then offered a diagnosis and the next steps to be followed to iron out the kinks.
This is Google’s way of ensuring that apps distributed through its app store are safe and secure. In addition to the newly uploaded apps, all the other apps on Google Play are also regularly re-scanned for additional threats. Moreover, the App Security Improvement program also provides tips to developers for building more secure apps.
A broad range of potential security issues are covered with the App Security Improvement program and it is continuously being updated to improve the existing parameters and launch new checks. Last year, warnings were issued for six more security vulnerability classes including JavaScript Interface Injection, SQL Injection, File-based Cross-Site Scripting, Leaked Third-Party Credentials, Cross-App Scripting, and Scheme Hijacking.
By constantly evolving the program to deal with the emerging challenges, the search giant ensures that it stays at the top of the game to keep Android users safe. By not uploading apps that are deemed a threat to Google Play, the search giant prioritizes the safety of users. At the same time, it helps developers build apps that are free of known vulnerabilities. This is key to the health of the overall Android ecosystem.
Application security is not something that’s optional and lack of it can undermine the trust users have in a particular platform. With the rise in the number of apps, the associated risk and vulnerabilities have also shot up. In the past few years, Google has done a lot to improve Android’s security and has pledged to continue doing so in the future as well.
As users increasingly use their smartphones and tablets for tasks that they would have otherwise done on their PCs, such as shopping online and banking, cybercriminals have made mobile devices their target. Apps could be an important entry point for hackers to break into devices. However, since app security can sometimes be tricky, Google has extended its full support to developers to help them make apps that are safe.
Being an open source platform, Android is inherently vulnerable to attacks. Moreover, since apps distributed outside of Google Play can bypass security tests, they are a good starting point for cybercriminals to target users. So, while Google is working on making its app review process more stringent, it is also essential that users avoid installing apps through shady channels as much as possible.