According to Google’s annual report, the chances of installing malicious apps on Android devices have been reduced by 40% as compared to the previous year. This might seem a promising number and positive progress but Android ecosystem is still one of the least secured mobile operating system nowadays. Android devices generally face three different types of attacks which are malware attacks, network threats and on-device threats.
Google scans 6 billion installed apps on more than 400 million Android devices every single day. This security measure is implemented to scan already installed apps and to verify their authorized activities. For example, some apps especially large sized games download resources from their own servers after installing the base app from Google Play Store. Google scans those apps from its end but it does not have control over the servers of those apps from where they download additional files.
Apple has dealt with the same problem by increasing the maximum size limit of their apps to 4GB. Every 3 devices in 2,000 have been infected via potentially harmful apps downloaded from the official app store Google Play Store. Although this is still an alarming situation but way better than earlier years; on the other hand, every one device in 200 which has downloaded apps from Google Play Store and unofficial sources has been infected.
The company has been making tremendous efforts to reduce the number and impact of such security vulnerabilities and threats. Last year, Google started a reward program that was specifically designed to encourage security experts and ethical hackers to find vulnerabilities and security flaws in Android platform. Ultimately they discovered more than 100 flaws and Google rewarded them with $200,000 in total.
From the ecosystem point of view, Google is also implementing more and more security layers. The latest version of Android 6.0 comes with advanced control over the permissions granted to specific apps and the amount of data shared with them.