Google steps-up Android security with App Security Program

(Image Credit: iStockPhoto/iunderhill)

Google has deployed a range of efforts to improve Android security over the past few years, but today’s announcement of the 'Google Play App Security Improvement Program' could be its most important.

When you consider insecure operating systems, Android often comes to mind. The platform is a target for hackers due to its amount of users, adoption of exploitable open technologies, and the difficulty which Google experiences in delivering critical security patches. 

Before applications go live on Google's Play Store, they’ll soon be scanned for problems before they're accepted. The scan will highlight any issues with the app which could be exploited now (or in the future) and offer advice to its developer on how to ensure it's secured to keep users protected.  

After the app is submitted, it will continue to be monitored and notifications will be provided in the Google Play Developer Console if anything is flagged. Once the issue has been remedied, the new version can be uploaded and placed live in just a few hours if no further threats are discovered.  

(Image: Google Play Developer Console Alert)

For applications which exist on the store, Google will provide a timeline in which the software must be secured before it's pulled. Developers also won't be able to push other app updates before their insecure apps have been repaired.  

In a blog post, Eric Davis from the Android Security Team wrote: "The Google Play App Security Improvement Program is the first of its kind. It has two core components: We provide developers with security tips to help them build more secure apps, and we help developers identify potential security enhancements when uploaded to Google Play."  

"This week, to help educate developers, Kristian Monsen, one of our engineers, gave a presentation about security best practices at the Samsung Developer Conference. And in 2015, we worked with developers to improve the security of over 100,000 apps through the program."  

Google's latest security measure represents a step-up from its 'Bouncer' initiative which scans the Play Store for malware; but has been outsmarted on several high-profile occasions. Ensuring software is scanned for potential exploits ahead of distribution – in a preventative measure – offers a more effective solution than dealing with the problem once it's hit users' devices.  

Indications point towards Android software being available on Chrome OS in the following months – another reason why Google will be looking to fix security issues.  

What do you think about the latest security initiative from Google? Let us know in the comments. 

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.