On the second day of the Google I/O 2024 conference, Google said Wednesday that it is adding new security and privacy protections to Android, including live threat detection on the device to catch malicious apps, new protections for screen sharing and better security against in cell site simulators.
The company said it is increasing the ability of the Google Play Protect system on the device to detect rogue apps that try to violate sensitive permissions. It also uses artificial intelligence to detect if apps are trying to interact with other services and apps in an unauthorized way.
Google said that if the system is confident of malicious behavior, it automatically disables the app. Otherwise, it notifies the company for review and then notifies the users.
The company said the system uses Private Compute Core, a sandbox for securely processing data from sensors such as the microphone, camera and display. Many OEMs in the Android ecosystem, including Google, Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion and Sharp will release live threat detection later this year.
In October, Google introduced a system to automatically scan side-loaded apps to learn about their fraudulent behavior and alert users. However, TechCrunch found that the tool was unable to scan all potentially dangerous apps.
“Live threat detection will examine the behavior of all apps on your device, regardless of where they were installed, and constantly look for signs of abuse and malicious behavior. It’s particularly useful for detecting apps that might hide or obfuscate their behavior to avoid detection,” said a Google spokesperson.
New protections for Android 15
Google is making it harder for side apps to directly access sensitive permissions. For this, it extends Android 13’s limited settings feature to include sideloading apps, web browsers, messaging apps, and file managers. This means that users will have to explicitly allow access to specific permissions to these apps after installation.
The search giant is also working on features that prevent rogue apps from reading one-time passwords (OTPs). With Android 15, Google will hide passwords in notifications by default. The only expectation of this change is for wearable companion apps.
The company also hides notification content from participants during a remote screen sharing session. Likewise, when entering a username and password, the screen will be hidden from remote viewers.
With Android 15, users can choose to share content from one app during a screen share instead of sharing all the activities on their devices. The feature is currently available on Pixel phones.
Advanced security against network threats
Google is adding safeguards against threats from mobile site simulators that spy on network activity such as calls and SMS. The company will now notify users of unencrypted mobile network to save them from SMS scam.
The company said it would also alert users, such as journalists or dissidents, if a cellular proxy tried to monitor their activity.
