These internal statistics come from a recently-published blog post written by members of Google’s Android Security and Privacy Team, and the Compute Trust and Safety Team.
The authors suggest that new Google Play security features, policy enhancements, bettered app review processes, “continuous investments in machine learning systems,” and other efforts have helped in the fight against bad apps and bad actors over the course of last year.
By blocking the publishing of 1.43M violative apps, and banning 173K “bad” accounts — accounts used by malicious developers to publish apps that intrinsically violate the marketplace’s policies — Google approximates that it’s prevented over $2 billion (around £1.6B) in fraudulent and abusive transactions.
Google also noted that phone, email, and other identity verification methods have contributed to a reduction in the number of bad accounts.
Further, Google cites developer outreach and education — as well as strengthened Android platform protections and policies — as resulting in the prevention of approximately 500K submitted Play apps from unnecessarily accessing sensitive permissions over the last three years.
Speaking of developers, collaborating and supporting app developers appears to be a particular focus for Google in its efforts to ensure Google Play remains as safe and secure as possible.
“As the Android ecosystem expands, it’s critical for us to work closely with the developer community to ensure they have the tools, knowledge, and support to build secure and trustworthy apps that respect user data security and privacy,” wrote the post’s authors.
For instance, due to Google’s App Security Improvements Program, developers apparently fixed around 500K security weaknesses impacting roughly 300K apps with a combined install base of approximately 250B instals.
Android OS updates are also having a positive knock-on effect regarding security and Google Play, Google says.
“In addition to the Google Play features and policies that are central to providing a safe experience for users, each Android OS update brings privacy, security, and user experience improvements,” stated the post’s authors.
“To ensure users realize the full benefits of these advances — and to maintain the trusted experience people expect on Google Play — we collaborate with developers to ensure their apps work seamlessly on newer Android versions.
“With the new Target API Level policy, we’re strengthening user security and privacy by protecting users from installing apps that may not have the full set of privacy and security features offered by the latest versions of Android.”
Google’s Play-oriented security work is indubitably a necessary, ongoing endeavour. Not least because, just two weeks ago, a report from Kaspersky — the cybersecurity solutions provider — pointed to growing trends around using Google Play as a platform for malicious and unwanted applications.