Android security has been always a headache for Google since there isn’t a mandatory App Store like that in iOS operating system to prevent a bad link from giving rise to a persistent malware issue. Even worse, as with the accelerated expansion of the operating system to dozens of carriers and device manufacturers, Google found it more difficult to fix a vulnerability thoroughly.
As an effort to build users’ trust on the manufacturers as well as their Android devices, Google recently has announced to brand certified Android devices with Play Protect logo.
Manufacturers around the world can choose to have Google’s most popular apps pre-installed on Android devices. All certified devices are ensured to be safe and secure as the Android team at Google have provided hundreds of tests to make sure they comply with the Android security and permissions model. Besides, the authentication of the Google apps that have been pre-installed on the devices is also tested by the team, alongside the verification of apps from the Play Store being able to work well as expected.
Backed by Google Play Protect, certified devices can benefit from many other advanced security features, including automatic device scanning for malware and Find My Device, which together offers very basic protection against malware and privacy hacks.
Google has unveiled a list of certified partners in the company blog. Some reputed brands like Motorola, HMD, Samsung, LG, and Xiaomi are all included in the list.
After 2015’s Stagefright bug, Google has carried out a series of aggressive moves against malicious apps, including using machine learning to fight problem apps and asking partners to offer better patching schedules. The introduction of Certified Android Device is also regarded as a part of the anti-virus strategy, coming on the heels of Google withdrawing around 300 Android apps from Google’s Play Store because of secretly hijacking phones for DDoS attacks. The apps were found to provide services like ringtones and storage managers with the “WireX” botnet on the behind.
The WireX botnet was first discovered by researchers from Akami in the event of a company suffered from a DDoS attack that involves hundreds of thousands of IP addresses. Currently, researchers from Akami, Flashpoint, Team Cymru, CloudFlare, Google, and other companies are working together to fight against the botnet. What Google was doing is removing all malicious apps from affected Android devices as soon as possible.