Google Blocked Malicious Sideloading Apps for Indian Users

Google has launched a pilot program to block malicious sideloading apps. This initiative is part of Google’s ongoing efforts to protect users from financial fraud and cybercrime, which have risen globally, particularly in India.

Cybercrime continues to be a significant concern in India, with consumers losing substantial amounts of money to fraudulent activities.

According to the Indian Cyber Crime Coordination Centre (I4C), in just the first four months of 2024, Indians reportedly lost over ₹1,750 crore (approximately USD 212 million) to cybercriminals.

This alarming figure underscores the need for enhanced protective measures to safeguard users from online threats.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Google Play Protect: A Robust Security System

Android’s built-in security system, Google Play Protect, protects users from harmful apps. It scans over 200 billion apps daily, identifying and blocking potential threats.

Last year, Google introduced real-time scanning to protect users from malicious internet-sideloaded apps better. This feature has proven effective, identifying over 10 million malicious apps globally. 

The new pilot program will expand Google Play Protect’s capabilities by enhancing fraud protection for apps installed from internet-sideloading sources such as web browsers and messaging apps.

This initiative follows successful pilots in Singapore, Thailand, and Brazil, where nearly 900,000 high-risk installations were blocked in Singapore alone.

Enhanced Fraud Protection: How It Works

The enhanced fraud protection will automatically block the installation of apps requesting sensitive permissions frequently abused for financial fraud. These permissions include RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility services.

Google’s analysis revealed that over 95% of installations exploiting these permissions originated from internet-sideloading sources. 

Once the pilot begins next month in India, Play Protect will block any app installation from an internet-sideloading source declaring these permissions.

Users will receive an explanation regarding the block, helping them understand the potential risks involved.

The success of this initiative relies on collaboration with various stakeholders. Sugandh Saxena, CEO of the Fintech Association for Consumer Empowerment, emphasized the importance of safe digital platforms and praised Google’s efforts as a critical tool in combating financial crimes.

This collaborative approach aims to create a secure mobile experience for all Android users by working closely with governments, industry partners, and other stakeholders.

Preparing Developers for Change

Developers distributing apps that may be affected by this pilot are encouraged to review their app permissions and adhere to best practices for safeguarding user data.

Google has provided updated developer guidance to help address potential issues and offers instructions for filing appeals if necessary. 

As the pilot rolls out across Android devices with Google Play services in India next month, it marks a significant step forward in protecting users from financial fraud and enhancing overall digital security.

Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here