Google Play Protect is responsible for providing user data security and protect the data from malware on Android.
According to IDEA, any app that wants to be published on Android must first be introduced to Google by the developer, as Google is the founder of Android. Android is an open-source operating system, which means it is highly flexible, but this flexibility can sometimes pose various security risks. Google has designed a system called Play Protect, which can effectively secure Android. Google Play Protect is a multi-part system that appears as a malware scanner, web security provider, and phone tracker, thereby ensuring the security of the operating system.
The main reason for the existence of Play Protect in Android is to protect users from malware. This advanced service uses machine learning to scan millions of apps every day, both inside and outside the Play Store, for the end user.
By default, Google Play Protect scans all apps that enter the Google Play Store to ensure their integrity. If a problem is found, the unhealthy app is not accepted in the store or is quickly removed by Google. According to Hossein Bayat, the Director of the Cafe Bazaar Program Review Team, if this protector does not recognize the app or becomes suspicious of it, it will alert the user during installation that the app has issues. However, due to issues related to sanctions and filtering of Google Play, many people do not have access to this Google protector, and it may be disabled on their phones.
Ensuring Minimum Security Standards Is One of the Reasons for the Emergence of App Stores
According to the Director of Cafe Bazaar Program Review Team, one of the reasons app stores were created is that users do not want to download apps from unknown websites and sources. When a purchase is made from an app store, there are minimum security standards in place to protect the user.
Hossein Bayat, speaking about the importance of app stores and data security, stated: “We at Cafe Bazaar are sensitive to the issue of ensuring that an app is safe before it reaches the user. If a banking or non-banking app is downloaded from non-official sites, it may not be the original version. In Google Play, you can find a large number of banking apps that are not owned by the banks themselves because, due to sanctions, banks are not allowed to operate. In such circumstances, profit-seeking individuals use the names of well-known banks to deceive users and steal their information.
The Director of Cafe Bazaar Program Review Team explained the security stages that apps go through for the user: Every app, in addition to its developer, goes through a series of security stages after requesting publication. Since banking and government apps are more sensitive, we have additional security measures in place to protect them. First, we verify that the app belongs to the same organization and entity. Regarding banking apps, we have communication with banks through some of our colleagues. We send a confirmation email to the bank to ensure the app’s authenticity.
Bayat continued with the next step: In the second stage, we scan the app’s file. We scan all the apps on the market with ten reputable global antivirus programs. If the result is acceptable, meaning there are no issues, we inform the app developer, and any problems are addressed. However, if none of the antivirus programs find any issues, the app proceeds to the next stage, which involves detailed testing and scrutiny before installation.
The Director of Cafe Bazaar Program Review Team stated: The criteria for evaluating all apps in the market are the same because if a user installs an app from the market, their security may be compromised. Therefore, we do not make distinctions, and user data security is essential to us. However, naturally, banking apps are more sensitive. We emphasize the importance of security to the app developer because we receive feedback from users. But the difference for banking apps is that we keep an eye on news related to them to ensure that such incidents do not happen to users.
Standardization of Applications
Cafe Bazaar checks for antivirus programs at one stage of data security. Bayat continued: One issue is app permissions. Both sensitive and non-sensitive permissions are checked. Some of the evaluation criteria are based on reported issues. At the time of release, we check public information, and if we become suspicious, we conduct a more detailed and specific investigation.
The Mechanism of Malware
The mechanism of malware is such that it creates an environment that is almost identical to the bank’s own electronic banking version. All details are properly placed, and the services provided are the same as those offered by the bank itself. In fact, detecting counterfeiting and fraud in these conditions is difficult for users who have been using mobile banking apps continuously.
The entry into these malware apps occurs either through downloading the relevant app, which is available on unofficial online stores, or through links sent to individuals. After installation, the app displays a message to the user, asking for permission to read text messages.
The importance of data security in the online space is such that cyber threats have been identified as one of the largest threats in various fields, especially in the financial sector. According to studies conducted, about 40% of customers of American banks have cited cyber concerns as the main reason for not using mobile apps.
No Comment! Be the first one.