Google has announced a new partnership with three major mobile security companies — ESET, Lookout, and Zimperium — to create an App Defense Alliance. This partnership is Google's newest attempt at stopping "bad apps" from reaching users' devices. The three companies, along with Google, will work closely to make the Google Play Store free from malware apps.
While Google Play Protect already scans for potentially harmful applications (PHAs) before they are published on Google Play, malware-ridden apps still manage to sneak in. In fact, the number of malicious apps in Google Play has been on the rise lately. In a bid to put a curb on it, Google has decided to take help from some of the world's most renowned security firms.
The three members of the App Defense Alliance will integrate Google Play Protect detection systems into their own scanning engines. They can request scans from the Google Play Protect detection systems, while Google can do the same to get results from partner scanning engines. This creates a secure two-way communication between Google and its partners, resulting in early detection and mitigation of PHAs.
Each of these three security companies offers a different approach to scanning app files. This further ensures that an app goes through multiple types of security checks before it reaches Google Play Store.
A much-needed measure
Android is an open ecosystem of over 2.5 billion devices. This humongous open ecosystem's flexibility makes it relatively easy for "bad apps" to circulate and bypass security checks frequently. Every other week, reports of Google removing malicious apps with millions of downloads from the Play Store surface up. In September this year, Threatpost found over 172 malicious apps with over 335 million downloads in the Play Store.
That discovery was followed by Sophos Labs finding 15 adware apps with over 1.3 million downloads in mid-October. A couple of weeks later, ESET discovered another 42 malicious Android apps with a collective download of over 8 million. Seven more malware apps were discovered by Wandera earlier this week.
Evidently, Google is struggling to operate the Play Store security checking program at the necessary scale. Now with the formation of the App Defense Alliance, we might finally see better results. The alliance brings together three companies that have a long history in the field of mobile security. They would surely make a real difference in protecting Android users from malicious apps.
Google has "hand-picked these partners based on their successes in finding potential threats and their dedication to improving the ecosystem". So this tells a lot about Google's vision with the App Defense Alliance.