At this time, Google introduced new security measures coming to Android 15 and Google Play Defend that may assist block scams, fraud, and malware apps on customers’ units.
Introduced at Google I/O 2024, the brand new options are designed not solely to assist finish customers but additionally to warn builders when their apps have been tampered with.
“Today, we’re announcing more new fraud and scam protection features coming in Android 15 and Google Play services updates later this year to help better protect users around the world,” reads a Google weblog submit from Dave Kleidermacher, VP Engineering, Android Safety and Privateness.
“We’re also sharing new tools and policies to help developers build safer apps and keep their users safe.”
Defending in opposition to spyware and adware, banking malware
Google is introducing quite a few new options in Android 15 that are aimed at blocking banking trojans and spyware and adware from stealing your info.
Android banking trojans are used to steal customers banking credentials by displaying faux login overlays, stealing MFA codes from notifications/messages, and permitting risk actors to remotely management units.
Over time, researchers have illustrated how Android malware generally steals one-time passcodes from messages and notifications. Final yr, a new model of the Xenomorph Android malware took it a step additional by permitting MFA codes to be stolen from Google Authenticator.
Google has introduced new security measures that trigger one-time passcodes to be hidden from notifications in order that malware can’t steal them.
The corporate can be increasing its restricted settings function to incorporate extra permissions that customers should explicitly grant apps to stop them from stealing knowledge.
Google says they’re additionally introducing new options that defend in opposition to screen-sharing assaults performed by way of social engineering.
When Android is in screen-sharing mode, the working system will mechanically block delicate info from showing in notifications in order that it can’t be stolen by distant risk actors.
“During screen sharing, private notification content will be hidden, preventing remote viewers from seeing details in a user’s notifications,” explains Kleidermacher.
“Apps that post OTPs in notifications will be automatically protected from remote viewers when you’re screen sharing, helping thwart attempts to steal sensitive data.”
This new function may even stop your display from being proven to attackers when coming into credentials and bank card info throughout a screen-share session. A function rolling out later this yr will show extra distinguished indicators when display sharing is lively.
Lastly, Google is rolling out notifications alerting you when related to an unencrypted mobile community to dam Stingray assaults.
“We’ll notify you if your cellular network connection is unencrypted, potentially exposing voice and SMS traffic to radio interception, and potentially visible to others. This can help warn users if they’re being targeted by criminals who are trying to intercept their traffic or inject a fraud SMS message,” Kleidermacher additional shared.
“We’ll help at risk-users like journalists or dissidents by alerting them if a potential false cellular base station or surveillance tool is recording their location using a device identifier.”
Bringing AI to Google Play
Google says they’re introducing a brand new function referred to as Google Play Defend reside risk detection, which makes use of on-device synthetic intelligence to detect when an Android app performs suspicious conduct.
The app is then despatched again to Google for evaluate, and customers are warned to disable it till it may be decided whether it is malicious.
For builders, Google has up to date its Play Integrity API to permit builders to test if apps are working in safe environments.
The API has now been up to date to permit dev to test the next in-app indicators:
- Threat From Display screen Capturing or Distant Entry: Builders can test if there are different apps working that could possibly be capturing the display, creating overlays, or controlling the system. That is useful for apps that wish to conceal delicate info from different apps and defend customers from scams.
- Threat From Identified Malware: Builders can test if Google Play Defend is lively and the consumer system is freed from identified malware earlier than performing delicate actions or dealing with delicate knowledge. That is significantly worthwhile for monetary and banking apps, including one other layer of safety to guard consumer info.
- Threat From Anomalous Units: Builders can even opt-in to obtain latest system exercise to test if a tool is making too many integrity checks, which could possibly be an indication of an assault.
Google says all these options will probably be rolling out to Android customers by way of Google Play companies updates and Android 15 later this yr.