Pierluigi Paganini April 04, 2015

Android presented its Security State of the Union 2014 and confirmed that the number of infections have been halved in a year due to Google’s improvements.

Google confirmed that malware infections have been halved in a year due to  security upgrades for the Android mobile platform.

Android security engineer Adrian Ludwig explained in a blog post that Google implemented a multilayered approach to mobile Security for the Android platform and the services it provides.

“In addition to traditional protections like encryption and application sandboxes, these layers use both automated and manual review systems to keep the ecosystem safe from malware, phishing scams, fraud, and spam every day.” wrote Ludwig.

The overall worldwide rate of potentially harmful mobile apps was reduced nearly 50 percent in the 2014. Keep secure over one billion Android devices worldwide is hard, Google does it through Google Play “which conducts 200 million security scans of devices per day“, the company proudly points out that fewer than one percent of the mobile devices had potentially harmful mobile applications installed.

Android is wrongly perceived as a vulnerable platform and these data highlights the amazing effort spent by Google to secure this open platform.

“We want to ensure that Android is a safe place, and this report has helped us take a look at how we did in the past year, and what we can still improve on,” Ludwig said.

The situation is better if we limit the analysis to the number of users that only install their apps from the official Google Play, in this case the rate of potentially malicious apps was less than 0.15 percent.

Android issued several security upgrades from Q1 2014 and Q4 2014, according to the report over 25,000 applications in Google Play were updated according to the security notifications issued by Google Play.

Recently Google announced further improvements for its platform to offer users a positive experience while searching for mobile apps on the official Google Play store. The improvements will be offered to both developers and mobile users.

“In 2015, we have already announced that we are being even more proactive in reviewing applications for all types of policy violations within Google Play. Outside of Google Play, we have also increased our efforts to enhance protections for specific higher-risk devices and regions.”

Below the key findings from the report:

• Over 1 billion devices are protected with Google Play which conducts 200 million security scans of devices per day.
• Fewer than 1% of Android devices had a Potentially Harmful App (PHA) installed in 2014. Fewer than 0.15% of devices that only install from Google Play had a PHA installed.
• The overall worldwide rate of Potentially Harmful Application (PHA) installs decreased by nearly 50% between Q1 and Q4 2014.
• SafetyNet checks over 400 million connections per day for potential SSL issues.
• Android and Android partners responded to 79 externally reported security issues, and over 25,000 applications in Google Play were updated following security notifications from Google Play.

Pierluigi Paganini

(Security Affairs –  Android, mobile apps)