Google running pilot to combat financial scams on sideloaded apps

Main Image
  • Like
  • Comment
  • Share

Android offers an open ecosystem for both users and developers to play around with apps, customizations, functionalities, and settings to name a few. However, the openness is also shrouded with bad actors trying to use lucrative methods including defenses against AI detection to lure innocent users to steal sensitive data and scam them of millions without leaving a trace.

Understanding the extent of bad actors using financial scams via app installs, Google has commenced a pilot program in Singapore that blocks any and every app that may ask for risky permissions such as access to reading SMSes.

The Current Ecosystem & Why

Android offers an upper hand in terms of flexibility and openness meaning users can download apps not only from supported Play Store but from third-party sources as well. However, the downloaded apps may carry excess baggage depending upon the source of download.

Google Play Protect scans through 125+ billion apps installed on Android phones to detect malicious activities and behavior and block them before they can hurt users. Play Protect is one of the largest threat detection mechanisms that prevents app developers from pushing malicious scripts, spyware, or other threats with their apps on the Play Store.

This is where these developers use third-party marketplaces and app stores to showcase their apps. Since Android smartphones allow sideloading, marketplaces usually steer clear of rigorous testing, and thus, the malicious code reaches users stealing their sensitive data, taking over the phone entirely, and siphoning funds through hundreds of tactics.

In October last year, Google started real-time scanning of apps downloaded via web browsers or the internet using enhanced Google Play Protect. The feature is now available in India, Brazil, Singapore, and Thailand as a part of Google Play Services which actively scans through sideloaded apps.

The scanning proved instrumental as Google was able to detect 515K new malicious apps and sent out 3.1 million warnings or blocks when users tried to install such malicious apps.

Google launches a pilot app scan to combat financial fraud in Singapore

Coming to the primary aspect of this blog, Google has launched real-time scanning on Android users in partnership with the Cyber Security Agency of Singapore (CSA). This pilot runs in Singapore and will use various fraud detection and protection mechanisms to pinpoint apps that could cause malicious infestation on user’s devices.

The pilot will block apps downloaded from the internet and with risky permissions such as “RECEVIED_SMS”, “READ_SMS”, “BIND_NOTIFICATIONS”, and “ACCESSIBILITY”. These are some of the permissions fraudsters may ask to gain access to OTPs, and hide notifications from legit apps, among others.

The feature will automatically block the installation of apps that ask for these permissions if downloaded from the internet. The users will receive a notification that the app was blocked by Play Protect. They can still download the app from the Play Store or other legit sources.

Note that this pilot is available in Singapore only at the time of writing this and will continue for a few weeks. Based on the data obtained and analyzed, the feature will be seen in other parts of the world. Google made it clear that they can run this experimental feature if (countries) show interest in participating in the same.

You can follow Smartprix on Twitter, Facebook, Instagram, and Google News. Visit smartprix.com for the most recent news, reviews, and tech guides.

Related Articles

ImageExclusive: Samsung Galaxy Z Fold 6 360-Degree Video And 5K Renders; Say Hello to Boxy Aesthetics

The Galaxy Z Fold 6, leaks and rumors about the device have been floating around for a while now and yesterday we reported that Samsung might launch the next-generation foldables, Galaxy Ring & Galaxy XR in July. The Galaxy Z Fold 5 was an incremental upgrade over its predecessor and fans now have their fingers …

ImageWhy is Google warning its Users Against Downloading the Bard App? Read Story to Find Out

Leading American Tech giant Google is not a stranger to malware with millions of users affected by the issue on Android. However, in the last few months, Google has been facing a new-age malware challenge that involves Google’s own AI chatbot Bard. Apparently, Google Bard is being misused by scammers to infect malware into users’ …

ImageBollywood Actor Aftab Shivdasani Loses ₹1.5 Lakh in KYC Scam: 5 Tips to Stay Safe

With rapid development in technology, cases of cyber fraud have been on the rise for a while now. Instances of people being duped online are being registered every hour in India. Recently, Bollywood Actor Aftab Shivdasani was allegedly duped of Rs. 1.49 lakhs under what can be termed as a KYC fraud. Mumbai Police has …

ImageGoogle is putting yet another app in graveyard – Google Pay

Google Pay becomes another app to find its way into Google’s graveyard of apps as the search engine giant will cease the peer-to-peer payments app from operations from June 4th, 2024, onwards. Yep, the company has decided to bid adieu to Google Pay in the United States (US) keeping Google Wallet as the sole payment …

ImageApple Will Allow Sideloading Apps To Users In The EU, But On Its Terms

Apple has controlled the app distribution via its App Store for years. While the company has a comprehensive review process for submitting apps, it also charges a significant commission on purchases made by its online app store. To break this, the European Union devised the Digital Markets Act. Apple Plans To Charge Fees From Sideloaded …

Discuss

Be the first to leave a comment.