Google Play Protect is introducing a new feature that allows it to scan the code of apps being installed on Android devices in real-time, aiming to detect potentially harmful or malicious apps.
As Google’s malware protection tool for Android devices, Play Protect previously conducted real-time checks to identify known malicious apps and similar apps, as well as other suspicious apps flagged by on-device machine learning.
When Play Protect detects potential malware during the app installation process, it notifies users of the potential threat.
The inclusion of real-time app code scanning aims to enhance device security and identify emerging threats that have not been previously encountered.
“Scanning will extract important signals from the app and send them to the Play Protect backend infrastructure for code-level evaluation,” Google explains in its security blog.
“Once the real-time analysis is complete, users will receive a result informing them whether the app appears safe to install or if the scan indicates potential harm,” the company adds.
Google also highlights that this enhancement will improve protection against malicious polymorphic apps that leverage various methods, such as AI, to alter themselves and evade detection.
Play Protect will only recommend the scan of apps that have never been scanned by Google before during the installation process.
Following the scan, Play Protect will submit the app for review, which will be used to compare app behavior and train the company’s machine learning algorithm to further enhance security measures.
The improved Google Play Protect is currently being rolled out in India and will be gradually introduced in other regions in the upcoming months.