Google will closely vet first-time Android developers for security
Google has announced plans to closely vet Android developers without a track record in a bid to boost platform security.
Android security has vastly improved since its early days but that hasn’t prevented some rogue developers from abusing Google’s platform.
Sameer Samat, VP of Android Product Management, wrote in a blog post:
“From the outset, we’ve sought to craft Android as a completely open source operating system.
This developer-centric approach and openness have been cornerstones of Android’s philosophy from the beginning.
But as the platform grows and evolves, each decision we make comes with trade-offs … This responsibility to users is something we have always taken seriously.”
New developers are more likely to create malicious apps than veterans with a history of releasing safe and good quality software. To that end, Google is going to spend more time focusing on those getting started with Android development.
"While the vast majority of developers on Android are well-meaning, some accounts are suspended for serious, repeated violation of policies that protect our shared users," wrote Samat.
Google intends for the reviews to be as undisruptive as possible and estimates they will take ‘days, not weeks’ to be authorised. Improved rejection emails will soon be sent out which more clearly explains the decision, how to make the app compliant for resubmission, and the appeal process.
While apps on the Play Store are continuously being scanned for malware, some developers manage to slip in code to exploit users’ devices. According to Google, once caught, these developers are often repeat offenders and attempt to republish malicious apps by creating a new developer account or buying an existing one.
Google has begun using its AI expertise to help detect and suspend the accounts of these offenders. "While 99%+ of these [past] suspension decisions are correct, we are also very sensitive to how impactful it can be if your account has been disabled in error," wrote the company’s Android team.
The company hopes the longer review times will help to boost security while reducing mistakes which lead to unfair suspensions. Human teams will ultimately decide whether to suspend a developer’s account.
Interested in hearing industry leaders discuss subjects like this? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.