7-2-2024 (SINGAPORE) Android users in Singapore will soon benefit from enhanced security measures as Google plans to roll out a new feature aimed at blocking app installations from unverified sources. Developed in collaboration with the Cyber Security Agency of Singapore (CSA), this initiative seeks to protect users against malware scams.
According to Google, Singapore will be the first country to undergo a phased pilot of this security feature on Android devices in the coming weeks. The initiative builds upon the existing Google Play Protect malware protection system.
The new security feature will automatically prevent users from installing applications from unverified sources, including sideloaded apps, if they frequently utilize sensitive runtime permissions often exploited for financial fraud.
When attempting to download suspicious apps from unverified app stores, users will receive a notification explaining why the installation has been blocked. This feature aims to enhance user safety and mitigate the risks associated with downloading potentially harmful apps.
Eugene Liderman, director of Android security strategy at Google, highlighted the effectiveness of real-time scanning enhancements to Google Play Protect, which were fully implemented in Singapore in November 2023. Since its introduction, real-time scanning has identified over 515,000 potentially harmful apps and prevented nearly 3.1 million attempted installations of such apps.
Scam victims are often directed to download Android package kit (APK) files from sources like websites, messaging apps, or file managers. To prevent malware infections, the public is advised against downloading suspicious APK files, which can allow scammers to remotely access and control devices, as well as steal stored passwords.
Sideloaded apps typically request permissions to access SMSes, notifications, and device accessibility, which can be exploited by scammers to intercept one-time passwords and spy on screen content. Google’s latest security feature targets these permissions, which are frequently abused by fraudsters, to block potentially harmful app installations.
In the ongoing battle against malware scams, over 750 cases of Android malware-related scams were reported in the first half of 2023, resulting in victims losing more than S$10 million (US$7.4 million), according to the police. CSA’s deputy chief executive, Chua Kuan Seah, emphasized the importance of collaboration with technology companies like Google to enhance anti-scam defenses and protect users online.
Google affirmed its commitment to ensuring a safe and trusted experience on Android by implementing additional anti-scam features in the future. Mr. Liderman highlighted the significance of monitoring the pilot results to assess its impact and make necessary adjustments, emphasizing the importance of industry collaboration and user education in combating evolving threats.
In addition to introducing new cybersecurity features, Google pledged ongoing support to CSA by assisting with malware detection and analysis, sharing insights and techniques, and providing educational resources for users and developers alike.
