Google running pilot to combat financial scams on sideloaded apps

Main Image
  • Like
  • Comment
  • Share

Android offers an open ecosystem for both users and developers to play around with apps, customizations, functionalities, and settings to name a few. However, the openness is also shrouded with bad actors trying to use lucrative methods including defenses against AI detection to lure innocent users to steal sensitive data and scam them of millions without leaving a trace.

Understanding the extent of bad actors using financial scams via app installs, Google has commenced a pilot program in Singapore that blocks any and every app that may ask for risky permissions such as access to reading SMSes.

The Current Ecosystem & Why

Android offers an upper hand in terms of flexibility and openness meaning users can download apps not only from supported Play Store but from third-party sources as well. However, the downloaded apps may carry excess baggage depending upon the source of download.

Google Play Protect scans through 125+ billion apps installed on Android phones to detect malicious activities and behavior and block them before they can hurt users. Play Protect is one of the largest threat detection mechanisms that prevents app developers from pushing malicious scripts, spyware, or other threats with their apps on the Play Store.

This is where these developers use third-party marketplaces and app stores to showcase their apps. Since Android smartphones allow sideloading, marketplaces usually steer clear of rigorous testing, and thus, the malicious code reaches users stealing their sensitive data, taking over the phone entirely, and siphoning funds through hundreds of tactics.

In October last year, Google started real-time scanning of apps downloaded via web browsers or the internet using enhanced Google Play Protect. The feature is now available in India, Brazil, Singapore, and Thailand as a part of Google Play Services which actively scans through sideloaded apps.

The scanning proved instrumental as Google was able to detect 515K new malicious apps and sent out 3.1 million warnings or blocks when users tried to install such malicious apps.

Google launches a pilot app scan to combat financial fraud in Singapore

Coming to the primary aspect of this blog, Google has launched real-time scanning on Android users in partnership with the Cyber Security Agency of Singapore (CSA). This pilot runs in Singapore and will use various fraud detection and protection mechanisms to pinpoint apps that could cause malicious infestation on user’s devices.

The pilot will block apps downloaded from the internet and with risky permissions such as “RECEVIED_SMS”, “READ_SMS”, “BIND_NOTIFICATIONS”, and “ACCESSIBILITY”. These are some of the permissions fraudsters may ask to gain access to OTPs, and hide notifications from legit apps, among others.

The feature will automatically block the installation of apps that ask for these permissions if downloaded from the internet. The users will receive a notification that the app was blocked by Play Protect. They can still download the app from the Play Store or other legit sources.

Note that this pilot is available in Singapore only at the time of writing this and will continue for a few weeks. Based on the data obtained and analyzed, the feature will be seen in other parts of the world. Google made it clear that they can run this experimental feature if (countries) show interest in participating in the same.

You can follow Smartprix on Twitter, Facebook, Instagram, and Google News. Visit smartprix.com for the most recent news, reviews, and tech guides.

Related Articles

Imagerealme 14 Pro+ Review: Does It Deliver on All Fronts?

realme’s number series has always been about cameras. Remember the realme 9 Pro+? It brought the IMX766 sensor with OIS to the segment first (I owned one, so yeah, personal experience talking). But then realme kind of lost steam with the 10 Pro+ and 11 Pro+. Fast forward, the realme 12 Pro+ was like a …

ImageWhy is Google warning its Users Against Downloading the Bard App? Read Story to Find Out

Leading American Tech giant Google is not a stranger to malware with millions of users affected by the issue on Android. However, in the last few months, Google has been facing a new-age malware challenge that involves Google’s own AI chatbot Bard. Apparently, Google Bard is being misused by scammers to infect malware into users’ …

ImageBollywood Actor Aftab Shivdasani Loses ₹1.5 Lakh in KYC Scam: 8 Tips to Stay Safe

With rapid development in technology, cases of cyber fraud have been on the rise for a while now. Instances of people being duped online are being registered every hour in India. Recently, Bollywood Actor Aftab Shivdasani was allegedly duped of Rs. 1.49 lakhs under what can be termed as a KYC fraud. Mumbai Police has …

ImageCan’t Sideload Apps on your Samsung Phone/Tablet? Here’s How to Fix

Samsung phones run on One UI, which is based on Android. And one of Android’s strengths is that it allows you to sideload any app not on the Google Play Store via APK files. Unfortunately, Samsung doesn’t seem to like this and is disabling side loading by default. With the launch of the Galaxy Z …

ImageGoogle Launches Two New Security Features For Pixel Devices: Scam Detection And Live Threat Detection

TL;DR To enhance the security of Android users, Google has announced the launch of two new features: Scam Detection and Live Threat Detection. While the former warns users about a fraudulent call in real-time, the latter informs them about an app’s malicious activity as and when detected. For now, the features are available on Pixel. …

Discuss

Be the first to leave a comment.

Related Products