Google has announced a new security initiative that will automatically block the sideloading of potentially unsafe Android apps in India, expanding its global efforts to combat mobile fraud. This pilot follows successful tests in Singapore, Thailand, and Brazil.
The feature is designed to safeguard users from malicious apps that are downloaded from sources other than the Google Play Store, such as web browsers, messaging platforms, and file managers. The enhanced fraud protection system examines the permissions requested by third-party apps in real-time and blocks installations if those permissions are frequently abused by malware for financial fraud.
According to Eugene Liderman, Google's Director of Mobile Security Strategy, "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive permissions frequently abused for financial fraud." Such permissions might include those that allow the app to read SMS messages, access notifications, or exploit accessibility services for malicious actions.
The pilot program, which will roll out next month, will impact all Android devices in India running Google Play services. The goal is to prevent risky app installations by utilizing Google Play Protect to automatically block apps with suspicious permissions declared in their "AndroidManifest.xml" file.
Developers distributing apps in India are encouraged to review their app permissions to ensure they comply with best practices, as this feature could affect apps that request sensitive permissions.
This initiative builds on Google’s earlier efforts in India, including the launch of DigiKavach (meaning "digital armor") in 2023, aimed at reducing online fraud and protecting users from scams. Sanjay Gupta, Google India’s head, stated that "Through this program, we're studying the methods and modus operandi of scammers, developing and implementing countermeasures to new emerging scams."
The tech giant's ongoing efforts aim to create a safer digital ecosystem and protect users from ever-evolving threats like malware, phishing, and fraudulent apps.
