Google explains how Android detects malware before it gets out of hand
Security! No, really, security. That word is practically synonymous with the Android operating system, which is why the Android Developers Blog is always taking about it. In today's installation, Megan Ruthven, Software Engineer for Android, writes about how the development team developed a metric to help identify Dead or Insecure (DOI) apps floating around in the Play Store.
If you remember back to Marshmallow, Android introduced the Verify apps functionality to scan devices for any Potentially Harmful Apps (also known PHAs). Over time, some devices stopped checking in with Verify apps. This usually occurs when you've switch phones or something more pressing is happening in the background. If it's the latter situation, that's because there's an app installed on your device that refuses to identify itself against the Verify apps database. The Android dev team is using the statistics from those apps devices to find other offensive ones:
You can read more about the formula employed by the Android development team in the blog post. Thus far, the DOI metric managed to flag over 25,000 apps related to three well-known malware families, including Hummingbad, Ghost Push, and Googligan.
Be an expert in 5 minutes
Get the latest news from Android Central, your trusted companion in the world of Android
Florence Ion was formerly an editor and columnist at Android Central. She writes about Android-powered devices of all types and explores their usefulness in her everyday life. You can follow her on Twitter or watch her Tuesday nights on All About Android.