Google teams up with Cyber Security Agency to revamp Android security

February 11, 2024
2 mins read

TLDR: Google has partnered with the Cyber Security Agency of Singapore (CSA) to introduce new security measures to protect Android users from fraudulent activities. The pilot project in Singapore aims to enhance the protection offered by Google Play Protect, a system that identifies malicious apps before they cause harm. Google will focus on blocking the installation of certain apps that request runtime permissions commonly exploited for economic fraud, and will closely monitor and analyze the permissions each application requests in real-time. Google Play Protect will also block the installation of suspicious apps requested through sideloading, which accounts for over 95% of these abusive permissions.

Google is collaborating with the Cyber Security Agency of Singapore (CSA) to test new security measures for Android. The company is conducting a pilot project in Singapore to enhance the protection offered by Google Play Protect—an app that helps identify malicious apps before they cause harm. During the pilot, Google will focus on blocking the installation of apps that request certain runtime permissions that are commonly exploited for economic fraud. It will closely monitor the runtime permissions that each application requests in real-time. Permissions like RECEIVE_SMS, READ_SMS, BIND_Notifications, and access to accessibility features—known to be highly vulnerable—are of particular concern, as they are often misused to intercept one-time codes and passwords. More than 95% of these malicious apps are installed via sideloading, so Play Protect will also block the installation of suspicious apps requested through sideloading during the pilot in Singapore, with the Singaporean government’s involvement. Google plans to evaluate the effectiveness of these security measures in collaboration with the CSA. Developers are advised to review the updated guidelines for Play Protect to ensure that their apps are not affected. The outcome of the pilot project will determine if Google implements these enhanced security measures on a broader scale.

Google has partnered with the Cyber Security Agency of Singapore (CSA) to introduce new security measures aimed at protecting Android users from fraudulent activities. The tech giant is conducting a pilot project in Singapore to enhance the protection offered by Google Play Protect, a system that can identify malicious apps before they cause harm. During the pilot project, Google will focus on blocking the installation of certain apps that request runtime permissions known to be commonly exploited for economic fraud. Permissions such as RECEIVE_SMS, READ_SMS, BIND_Notifications, and access to accessibility features will be closely monitored. These permissions are often misused to intercept one-time codes and passwords. It is worth noting that over 95% of apps with these abusive permissions are installed through sideloading from the web. As part of the project, Google Play Protect will also block the installation of suspicious apps requested through sideloading. The Singaporean government has been involved in the development of this approach. The effectiveness of these security measures is currently being assessed, and Google plans to evaluate the results in collaboration with the CSA. Developers are advised to review the updated guidelines for Play Protect to ensure that their apps are not affected by these measures. It is still unclear whether Google will implement these enhanced security measures on a broader scale. The outcome of the pilot project will determine future plans. However, Google’s commitment to exploring innovative methods to protect Android users from fraudulent activities highlights its dedication to combating digital fraud.

Latest from Blog

Samstealer: Stealing Sensitive Data Through Windows Systems

TLDR: Samstealer is actively attacking Windows systems to steal sensitive data. The malware targets browsers, applications, and cryptocurrency wallets to steal passwords and other information. Cybersecurity researchers at CYFIRMA have recently identified