lundi 4 mars 2019

Google has flagged over one million apps to date for pre-release security issues

Google Play Store app Pixel 2 XL AA 3

Google has implemented several measures over the years to bring peace of mind to Play Store users. One of these initiatives is the Application Security Improvement Program for apps that are submitted to the store for approval.

Now, Google has confirmed that this initiative has flagged over one million apps for security concerns before they're available to download by Play Store users. Furthermore, the Mountain View company said the program helped over 30,000 developers fix more than 75,000 apps in 2018 alone. The Application Security Improvement Program was first launched five years ago, so what does it actually do?

Read: You can no longer fully unlock your Android phone with your voice

"Think of it like a routine physical. If there are no problems, the app runs through our normal tests and continues on the process to being published in the Play Store. If there is a problem, however, we provide a diagnosis and next steps to get back to healthy form," Google notes on its online security blog.

The company says the Application Security Improvement Program covers a broad variety of security issues, such as vulnerabilities in specific libraries or inadequate TLS/SSL certificate validation. But Google added six new security vulnerability categories in 2018, outlined below:

  • SQL Injection
  • File-based Cross-Site Scripting
  • Cross-App Scripting
  • Leaked Third-Party Credentials
  • Scheme Hijacking
  • JavaScript Interface Injection

Google notes that it'll continue to "evolve" the initiative in light of new threats. But it's clear the company is taking security and privacy more seriously in recent years, as evident by its new (yet flawed) permissions policy and its Play Protect feature.

Editor's Pick

The Mountain View firm revealed in February that Play Protect scans over 50 billion apps on devices each day in order to find potentially harmful apps. Furthermore, the company said rejected app submissions were up 55 percent last year, while app suspensions were up 66 percent.

Harmful apps do occasionally slip through Google's net though, as evident by a Trend Micro report earlier this year. The security firm found over two dozen malicious beauty apps on the Play Store, pushing sketchy ads and stealing photos.

NEXT: Not all 5G smartphones are created equal



from Android Authority https://ift.tt/2C37s7v
via IFTTT

Aucun commentaire:

Enregistrer un commentaire