Google has said that the program encompasses a wide array of security issues.Google highlighted security issues in over one million apps, before their pre-release and helped over 300,000 developers to fix security vulnerabilities with their apps, the company revealed in a security blog post. This is part of Google’s security measure called the ‘Application Security Improvement Program’ for apps that are submitted to its Play Store for approval. This program helps the company flag apps that have security issues and not let them appear on the Play Store.
To recall, the ‘Application Security Improvement Program’ was launched over five years ago. Under this, an app when submitted for approval goes through various tests before being published to the store. If an app fails the test, Google provides the developers with a detailed diagnosis and the steps required to be taken to get it into a healthy form.
The company has confirmed in a blog post that under this initiative it has flagged over one million apps for security concerns, which is no small number. It also stated that in 2018 alone, Google’s program was able to help over 30,000 app developers fix over 75,000 apps.
Google has said that the program encompasses a wide array of security issues. These include vulnerabilities in specific libraries, inadequate TLS/SSL certificate validation, SQL Injection, File-based Cross-Site Scripting, Cross-App Scripting, Leaked Third-Party Credentials, Scheme Hijacking and JavaScript Interface Injection. It will continue to evolve the initiative as and when new threats surface.
This is not a perfect solution, as some harmful apps do slip through the process, so it is recommended that you be a bit vigilant and download apps from trusted developers only.
Back in February, Google revealed that under its Play Protect program, it scans over 50 billion apps daily to find potentially harmful apps. It also stated that app rejections were up 55 per cent last year, whereas, app suspensions were up by 66 per cent.
