Every year Google releases their security report on their official blog giving people the review about their security measures and their implementations regarding the same. Google has now officially presented us with the Security Review of 2017. Dave Kleidermacher, Vice President of Security for Android, Play and Chrome OS took the reins of Google Security blog and gave us updates about the Security parameters that Google put in place last year. He also shared the more advanced developments about the same. The highlights of the review have been compiled down below.
Google Play Protect
Last year Google rolled a new feature to Android devices called the ‘Play Protect.’ The main aim of this step was to protect the two billion users of Google from Potentially Harmful Application or PHAs. According to Google, the Play Protect automatically reviews 50 billion apps daily and keeps the trouble at bay for Android and ChromeOS users. The application does so by putting its Machine Learning algorithm to use. Google claims that over 60.3% of the PHAs detected were discovered by the Machine Learning part of the program.
Protection of Devices
The Vice President of Security at Google also offered some stats saying that his team managed to remove a massive number of 39 million PHAs and they also overcame a closely related problem. Google figured that nearly 35% of Potentially Harmful Apps were being installed while the devices were offline. This urged the team to enable detection of PHAs by the Play Protect even when the phones of users were offline. This update was pushed to devices in October 2017 resulting in prevention of 10million additional PHAs.
Preventing Download of Harmful Apps
Google said that users who downloaded app from the Google Play store were nine times safer from PHA download rather than the people who downloaded app from unauthorized sources. Therefore, last year in 2017 Google Play Protect boasted of scanning 65% more apps than what it did in 2016. This huge stride forward in the security resulted in a 60% decline of PHA installation from outside the Play Store.
Android Oreo & Security
Dave also outlined the steps that were being brought into action for making Android Oreo more and more secure. Google, thus far, has been successful in bringing security measures like making the device safer to get apps, dropping insecure network protocols, providing more user control over identifiers, hardening the kernel etc. for the Android Oreo. They also walked us through their prospects regarding more security on devices by working together with mobile manufacturers. Adding to this fact they also stated that 30% more devices would be receiving security updates this year.
Security Reward programs
Google has been fairly popular for conducting extravagantly paid security reward programs and bounty hunts to find loopholes in their security. To build further on this, Google invested $1.28 million in research and also notched up payments for exploits from $50,000 and $30,000 to $200,000 to $150,000 respectively.
It is interesting to see that Google’s unprecedented growth has not caused them to lessen their focus on security. 2017 has definitely been a great year for the tech giant, and it will be even more exciting to see, with the increasing number of Android users around the world, what more does Google do in terms of security this year.