A feature to automatically block the installation of suspicious third-party apps on Android will be added to ``Google Play Protect''
Google allows Android devices to install apps obtained from sources other than official app sites (sideloading), but there are often cases where users accidentally install less secure apps. In order to prevent such accidents, it has been announced that a feature will be added to
Google Online Security Blog: Piloting new ways of protecting Android users from financial fraud
https://security.googleblog.com/2024/02/piloting-new-ways-to-protect-Android-users-from%20financial-fraud.html
A new feature introduced in Google Play Protect could potentially use 'sensitive runtime permissions' that are often exploited for financial fraud when users try to install third-party apps. It analyzes apps and blocks them automatically.
There are four permissions that Google Play Protect emphasizes: 'RECEIVE_SMS', 'READ_SMS', 'BIND_Notifications', and 'Accessibility'. These permissions allow users to read the content of SMS and notifications, but they can be used by malicious apps to intercept one-time passwords or read screen content.
According to Google, if a user with Google Play Protect turned on performs sideloading and an app requests any of these four permissions, Google Play Protect will automatically block the installation and provide an explanation to the user. It is said that they will do this.
Developers affected by this exam are being reminded to review the permissions their apps request and ensure they follow developer
This addition of functionality is part of a partnership between Google and the Cyber Security Authority of Singapore, and has also been tested by the Singapore government. The first pilot is expected to begin in Singapore within a few weeks after the announcement on February 6, 2024.
Related Posts:
