Google introduces continual on-device monitoring to fight malware-ridden apps

Google has introduced continual on-device monitoring for Android devices in order to protect users from applications which can cause malicious activities without the knowledge of the user.

Android has been historically known to be less secure compared to other platforms due to its open nature, but now Google is stepping up their efforts to protect users from being scammed by malicious applications by updating the app verification service on the users' devices.

In rare cases, applications which manage to pass Google's certification and are downloadable through the Google Play Store, carry out malicious activities through third party services later, such applications will finally be reduced as Google will now be using an app scanning system on the device itself to check apps prior to installation as well. Users who sideload applications will also be notified before installing, if the scanning system detects any issues with it. According to Google's Android blog, the new verification service will be keeping a check on applications even after installation to protect users.

Google's latest approach of bundling services with the Google Play applications will allow the company to provide the security update to Android devices running Gingerbread (2.3) or higher without depending on carriers or device manufacturers. Although the verify applications service is not a guaranteed safety measure against other forms of exploits, it is a step in the right direction from Google rather than taking potshots at competitors.

Image via Google

Report a problem with article
Previous Story

Twitter adds real-time notifications to web page

Next Story

Microsoft offers two Windows 8.1 Update install fixes, but problems remain

62 Comments

Commenting is disabled on this article.

Already crappy battery life will become even worse. I'll stick with what I have already. I prefer my app store pre-scan my apps so I don't have to run a battery suck like this.

If you're Google, and find the number one paid "app" in your store is a fake "anti-virus," that is costing your users real money, yet do nothing to solve the root issue, and worse, if your users are being conditioned to believe that they need anti-virus apps in the first place, then you are doing something wrong. Very, very, wrong.

Looks like Windows has been don't it wrong for years then. A users are conditioned to install antimalware on all systems. And how much user data was stolen over the years in Windows devices. A ton.

You bash Android with what has been a Windows problem for years.

techbeck said,
Looks like Windows has been don't it wrong for years then. A users are conditioned to install antimalware on all systems. And how much user data was stolen over the years in Windows devices. A ton.

You bash Android with what has been a Windows problem for years.

These are smartphones we're talking about. Not PC systems.

Dot Matrix said,

These are smartphones we're talking about. Not PC systems.

Same damn thing, different platform. You continue to use Windows systems over the years when they are invested with malware. Then you continue to bash Android for the same problem. Then Android comes with new ways to protect you. (verify apps and this new tool) the same way MS tried to help (UAC, MSE). Both systems which are half assed but some how, Android isnt doing enough.

I get it, lots of people here hate android. Good, I have no problem with that. But it is silly to bash a platform when the one you are supporting has been known for the same thing. Dont like something, dont use it. IF malware was such a problem with these anti Android and pro Win people, then they wouldnt use either platform.

Edited by techbeck, Apr 13 2014, 2:37pm :

MikeChipshop said,

What's the real difference though Dot?

Smartphones are a different breed of device. The application and multitasking sets are different. The very notion of running anti-virus apps on them is laughable at best, and if you're having issues with that, then you're doing something wrong.

Dot Matrix said,

Smartphones are a different breed of device. The application and multitasking sets are different. The very notion of running anti-virus apps on them is laughable at best, and if you're having issues with that, then you're doing something wrong.

But smartphones are now as prevalent in society as PC's. This means a huge influx of non-tech people own and operate them. These people need all the help they can get. In that sense there's no difference between a regular PC and a Smartphone, both can suffer from malware and both will, without a little help.

Edit: Sorry, just saw that techbeck had said it better!

MikeChipshop said,

But smartphones are now as prevalent in society as PC's. This means a huge influx of non-tech people own and operate them. These people need all the help they can get. In that sense there's no difference between a regular PC and a Smartphone, both can suffer from malware and both will, without a little help.

Edit: Sorry, just saw that techbeck had said it better!

But you don't have these issues on iOS or Windows Phone, because the stores are differently operated. That's the issue.

Dot Matrix said,

But you don't have these issues on iOS or Windows Phone, because the stores are differently operated. That's the issue.

Also their eco-systems are far more locked down. The beauty of Android in the first place is you can poke and tinker with it, which also means those suspect types can do the same so that's going to lead to far more suspect applications in the first place. I do agree however that the store needs to be more tightly controlled but is this not the first step in increasing Android security? So why all the hate.

I don't have this issue with my HTC8X but then i don't many apps either.

Android's lack of security and easy of attack have nothing to do with its "open nature". Android is a poorly designed, very, very, very old-fashioned operating system. Being based on Java means that Android is an OS for script-kiddies and not at all for real software development. The word "toy" springs to mind but that would be an insult to many real toys.

I believe a lot of people are concerned mainly because of the past practices by google. Of all the big IT companies, Google has the worst privacy records. I would definitely be concerned if they placed a non-stop monitoring tool on my smartphone.

It's not a monitoring tool. It checks signatures of apps and if they match known malicious apps they get removed. Or if an app claiming to be Facebook has a different signature than the one on the Play Store.

It's an additional security. Similar to what Microsoft is doing with Defender on Windows 8.1.

You can disable it if you want anyway. Otherwise it's just an additional security on an open platform. Not everything installed can be checked at install time if you allow things to be installed outside the regular channels.

stevan said,
I believe a lot of people are concerned mainly because of the past practices by google. Of all the big IT companies, Google has the worst privacy records. I would definitely be concerned if they placed a non-stop monitoring tool on my smartphone.

There is also an option to disable the feature.

So if you don't feel like enabling it, disable it, then again if you feel like that about Google stop using the phone in the first place.

There is a reason Android phones are cheaper compared to the iPhone.

stevan said,
I believe a lot of people are concerned mainly because of the past practices by google. Of all the big IT companies, Google has the worst privacy records. I would definitely be concerned if they placed a non-stop monitoring tool on my smartphone.

Android smartphones are monitoring tools by themselves to serve their advertising goals... this "antimalware" is just the icing on the cake. They're completely dropping the ball on securing apps on their own app store and have deferred this responsibility to users, period.

Arkos Reed said,

Android smartphones are monitoring tools by themselves to serve their advertising goals.

No more or less than any other smartphone.

I have a feeling that Google could cure cancer and all the haters will have something negative to say. Funny.

Anyway, Good that Google is actually doing something. They could of just let things go by the way it is and said screw it. Make it a users problem.

Edited by techbeck, Apr 12 2014, 6:26pm :

They DID make it a users' problem by doing exactly this. The whole point is to not have these malicious apps in the store in the first place, not removing them AFTER users start getting hit by them.

Those who get affected before the app has been removed won't give a damn, to them the damage has potentially already been done.

All stores have malicious apps/fake apps. Do some reading on the subject. Want to be all safe. warm and cozy, then ditch the smart phone and go back to a dumb phone.

I am personally quite capable of avoiding malicious apps by myself, thank you very much. And I've already read up on the subject enough to know that there is no excuse for letting malicious apps into an app store - just because the developers are crying little manchildren who keep b******g about the approval process (and always have been, mind you) doesn't mean neither Google, Microsoft nor Apple need to simplify the approval process so much so that it endangers their customers.

If they stuck to their guns and actually gave a damn, we wouldn't be in this situation and... Oh wait, both Google and Apple have, like, 10 000 fart apps - never mind, silly of me to expect anything lol

Thats sum it up it is a anti-virus of its own kind. And on top they will be able to update it without your carrier be involved. that is the best in my opinion. They never stated they will get any report form it and even so i am sure they will ask in the permission section at installation for your approuval. Just decline and don't install if you don't want to.

But again why will you not approuve if they request info from the software they install yes there software not yours and about the apps it prevent to run why would you not give them a log of it, to help them improve the app further???. They wont ask for your info on the phone at all only the apps info it blocks on the phone itself and the crash log from the google app that acts like the anti-virus.

I would agree. A lot of programs ask for or gather data. They use it reports on bugs, crashes, and how to improve their software.

Even the Verify Apps feature they have now, you can turn off. I am betting same will go with the update. Those who know the proper way to use thier phone will disable it, othes, who need it, will keep it active. Just like UAC for Windows.

Edited by techbeck, Apr 12 2014, 6:23pm :

techbeck said,
Antivirus? Funny considering Android doesnt get viruses.

A term a lot of people use when talking about anti-malware, which Android certainly can get, just like any other OS, and modern suites check for a lot more than just viruses. Anti-virus is personally a rather outdated term as actual viruses are quite uncommon nowadays.

So instead of fixing the broken approval process, or outright removing offending apps, they're just going to rely on an AV like feature in Android? Cheap.

Dot Matrix said,
So instead of fixing the broken approval process, or outright removing offending apps, they're just going to rely on an AV like feature in Android? Cheap.

How exactly is the Google App approval process broken?

The amount of actual malicious applications being approved on the Google Play Store is very low. Since that is the only store that matters, or its the largest and only official application store on Android, its the only one I consider worth talking about.

Dot Matrix said,
So instead of fixing the broken approval process, or outright removing offending apps, they're just going to rely on an AV like feature in Android? Cheap.

as stated above. they don't care about fixing the system. They care to spy on you on every turn and this is what it is.

TheGhostPhantom said,

How exactly is the Google App approval process broken?

The amount of actual malicious applications being approved on the Google Play Store is very low. Since that is the only store that matters, or its the largest and only official application store on Android, its the only one I consider worth talking about.

Is that why the number one paid app was a do-nothing "AV"?

Dot Matrix said,

Is that why the number one paid app was a do-nothing "AV"?

Well, to be honest, that app wasn't technically malicious. It didn't do any harm, except to peoples' wallets; in fact, just like you mentioned, it didn't do jack.

Still, I'm baffled how such a fake app could rise to the top of the download list and have such a high score. Sometimes I think that majority of people in fact ARE stupid.

Dot Matrix said,

Is that why the number one paid app was a do-nothing "AV"?

Yea, WP approbal process is so much better letting through those fake Google apps.

No App store is perfect and this topic has already been debated to death.

Exactly what I wanted to post as soon as I read this.

Instead of fixing it, they are just going to use it as an excuse to intrude upon their users' devices even more.

God, my contract needs to end soon so I could get a Lumia and be rid of Scroogle once and for all.

Dot Matrix said,

Is that why the number one paid app was a do-nothing "AV"?

Haha, the one that YOU called "Malware?". Go away. You have no idea what you're talking about.

Dot Matrix said,

Is that why the number one paid app was a do-nothing "AV"?

It was also published by a do nothing unknown company which anyone with a brain provided they took 60 seconds of research before purchasing would have determined it was published by a do nothing unknown company.

There are tons of do nothing unknown companies with pointless apps on the iOS Store.

Dot Matrix said,

You're right, I don't. There's nothing wrong with the Google Play store at all. Oh, wait http://www.cbsnews.com/news/go...store-suffers-from-malware/

Welcome to the real world, the real world full of rapists, paedos, scammers, hackers, and arseholes who want to do nothing but ruin your digital life. It happens, deal with it and get over it. The way you talk you'd think this stuff was breaking news.

The fake AV app was NOT malware, but YOU classed it as so. I was the one who corrected you in the comments on its article here, that's my point.

TheGhostPhantom said,

How exactly is the Google App approval process broken?

The amount of actual malicious applications being approved on the Google Play Store is very low. Since that is the only store that matters, or its the largest and only official application store on Android, its the only one I consider worth talking about.

Sorry, but Play is no longer the largest Android app store. In China they have much larger. It's estimated that well over 90% of Android phones are infected.

Why don't they fix their crummy operating system instead of applying band aids?

Tidosho said,

Welcome to the real world, the real world full of rapists, paedos, scammers, hackers, and arseholes who want to do nothing but ruin your digital life. It happens, deal with it and get over it. The way you talk you'd think this stuff was breaking news.

The fake AV app was NOT malware, but YOU classed it as so. I was the one who corrected you in the comments on its article here, that's my point.

It may have not been "malware" per se, but it was still malicious to users and their money. It was still an app that should never have passed the submission process, let alone become the number one paid app on the Play store. To make matters worse, thousands of fake users posted good reviews of thing like it was the second coming. That alone, to me, tells me that the Play store is broken, and what does Google do? Install a malware scanner to the Android OS. In other words, a big "**** you" to Android users.

It's no secret the Play store is full of horrors. This story is just the newest in a long history of blunders, and instead of fixing the root cause, Google is doing nothing more than taking on a cheap fix, that is nothing more than a marketing scam. They now can claim you're safe, while continuing to bolster fake app count numbers.

Edited by Dot Matrix, Apr 13 2014, 5:34am :

You see, I'm smart. Instead of whining, I find the app elsewhere, and sideload it. If it does what it says, I go to the Play store and buy the genuine version. I'm not worried about sideload viruses, my phone is well protected and backed up.

As I posted in the thread about the app, there are lots of comment shills, who are probably paid to write good reviews of fake apps. The developers make their money back from the subsequent purchases made by general public fooled into buying by the fake reviews. Your average Joe is ignorant. They look at reviews, don't question the validity of them, and buy the app, the scammers know this all too well and play into it.

I always report suspect comments in Play, most of them are blindingly obvious and not even related to the app in question. One guy even posted "qwertyuiopasdfghjklzxcvbnm" as a comment once, I flagged it immediately.

Dating sites, gambling, app stores, even the death of people like Peaches Geldof, God rest her sweet soul. Sick ###### scammers will cash in.

Wait. Fight malware with spyware? way to go Google. Of course now they will be able to collect more information than ever instead of making the OS more secured and immune to these types of malware.

So instead of READING the article and available information you rather spout some inane nonsense? I shouldn't be surprised anymore, you people will hate anything they do out of spite

Or maybe you havent? Now Google keeps taps on every application on your phone, sideloaded or not.
Whether or not Google uses this data beyond just this security aspect is debatable.

Shadowzz said,
Or maybe you havent? Now Google keeps taps on every application on your phone, sideloaded or not.
Whether or not Google uses this data beyond just this security aspect is debatable.

iOS does this too, how else do you think it checks for updates?

Mobius Enigma said,

Not even close to being the same.


Do you happen to have access to apple's servers and databases to confirm what data they do and don't store or do you (most probably) know buggar all about it?

nickcruz said,
Wait. Fight malware with spyware? way to go Google. Of course now they will be able to collect more information than ever instead of making the OS more secured and immune to these types of malware.

Wow, someone forgot their foil hat this morning . Pure fear mongering and you have no clue what is going on.

z0phi3l said,
So instead of READING the article and available information you rather spout some inane nonsense? I shouldn't be surprised anymore, you people will hate anything they do out of spite

Agreed

And Google is just doing what current Windows Malware scanner can do and what many people use. But since it is Google doing this, Google is stealing your info and keeping tabs on everything you do.

Edited by techbeck, Apr 12 2014, 6:01pm :

techbeck said,

Agreed

And Google is just doing what current Windows Malware scanner can do and what many people use. But since it is Google doing this, Google is stealing your info and keeping tabs on everything you do.

oh silly fanboy, this is not a malware scanner... it's a monitoring scanner to find out where you are at and since you probably have one of those nexus devices it's ok if you want to allow them to monitor you but let's be clear truth is truth no matter how you slice it. And google is a marketing company and they live to monitor all their users the most they can, this is no different.

No tinfoil hat here.

no, I do not have a Nexus device ATM and not filled with fear, hate, and paranoia like some. I happily enjoy all my MS, Google, and Apple products.

No tinfoil hat here.

Full foil body armor then...whatever.

Sounds like a Windows Defender sort of thing to me. I can understand it being a needed protection against things downloaded from unofficial sources. Although 99% of the people I know just use the Google Play store. Maybe those sources are more popular in places like China?

n_K said,

Do you happen to have access to apple's servers and databases to confirm what data they do and don't store or do you (most probably) know buggar all about it?

It has nothing to do with the data they store or don't store, it has to do with the active monitoring on the device and WHY Android has to 'recheck' previously authorized software.

With iOS (which isn't the best security model either), an App that gets installed can't be hijacked in the same way an Android App can be and remain an authenticated App.

Mobius Enigma said,

It has nothing to do with the data they store or don't store, it has to do with the active monitoring on the device and WHY Android has to 'recheck' previously authorized software.

With iOS (which isn't the best security model either), an App that gets installed can't be hijacked in the same way an Android App can be and remain an authenticated App.


Err yes it can, and did, because a researcher made a genuine app and then turned it into something dodgy and it stayed up on the app store until he revealed on the net and a research paper what he'd done.
Apple has a 'phone home' system (which can be disabled using jailbroken tweaks) to check if an app is marked as dodgy or not. If it is marked as dodgy, it is silently deleted from the phone, and that's been in iOS since iOS version 2.
Oh, what's that? Apple has the exact same system and has done for years?

nickcruz said,
Wait. Fight malware with spyware? way to go Google. Of course now they will be able to collect more information than ever instead of making the OS more secured and immune to these types of malware.

I suggest you forgo modern equipment and instead concentrate on smoke signals.

n_K said,

Err yes it can, and did, because a researcher made a genuine app and then turned it into something dodgy and it stayed up on the app store until he revealed on the net and a research paper what he'd done.
Apple has a 'phone home' system (which can be disabled using jailbroken tweaks) to check if an app is marked as dodgy or not. If it is marked as dodgy, it is silently deleted from the phone, and that's been in iOS since iOS version 2.
Oh, what's that? Apple has the exact same system and has done for years?

One aspect, 'remote disable/remove', does not equate the two. You are comparing a server side disconnect with a localized real-time monitoring system.

They are NOT the same. PERIOD.

Even WP has remote disable, that doesn't make it anything like the duck tape Google is trying to use on Android broken App distribution model.