Google Play is adding more security layers to Play Protect to prevent financial fraud. It is developing a fraud protection project that will initially be tested in Singapore in the next few weeks.
Google shared in its blog post that there had been a rapid increase in fraud cases. The Global State of Scams Report for 2023 by the Global Anti-Scam Alliance revealed that around 78% of the survey respondents had experienced at least one scam in the past year. 45% of respondents highlighted that scams have increased in the last 12 months.
To address this issue, Google is partnering with the Cyber Security Agency of Singapore (CSA) to launch a pilot fraud protection project. The first pilot will be limited to Android users in Singapore.
The pilot will inspect, in real time, the permissions an app declares when a user attempts to install it. It will look specifically for four requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility.
Scammers frequently abuse these permissions for financial fraud when an individual sideloads applications from the Internet. The blog post notes:
“This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers). This enhancement will inspect the permissions the app declared in real-time and specifically look for four runtime permission requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility. These permissions are frequently abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on screen content. Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 percent of installations came from Internet-sideloading sources.”
Simply put, the pilot project aims to block a sideloaded app from being installed whenever any of these permission requests is detected. Google Play Protect will also issue a notification to the user informing them about the app.
Google clarified that the Singaporean government has tested this fraud protection pilot project. The capability will roll out on Android devices that support Google Play.
The company also highlighted some protocols for app developers. It suggested that developers make sure the permissions their app requests are aligned with the Mobile Unwanted Software principles.
Apps should ask only for the essential permissions they need to run smoothly. However, if a developer does face issues, they can refer to Google’s updated guidelines for Play Protect warnings. They can also file an appeal if the issue remains unresolved.
In October 2023, Google introduced a feature that prompted users to scan unknown apps to avoid fraud. The capability scanned apps at the code level and, if it found emerging threats, advised the user not to install the application.
In the latest update, the enhanced fraud protection will automatically block malicious apps after scanning them.