One of the challenges of digital life is avoiding malicious apps. You think an app is intriguing, so you download it to your phone, only to later discover some hacker is using it to inject malware onto your device. Now, you have an intruder going through your sensitive info, and newfound trust issues with the Google Play Store. Lose-lose.
Malicious apps are discovered on the Play Store more often than you might think. This year alone, Lifehacker has covered stories of Android apps containing malware once in February, twice in May, and once in September. While Google has plenty of security systems in place to attempt to weed out these malicious apps before they cement themselves on the Play Store (Google Play Protect), hackers find a way—so users need to be vigilant when downloading new apps on their devices.
Live threat detection will spot malicious apps on your Pixel
While it’s still important to be cautious with the apps you choose to install, the security onus is shifting back on Android a bit. In a blog post on Wednesday, Google announced that its live threat detection feature is finally rolling out to Google Play Protect. First announced at Google I/O back in May, live threat detection looks for malicious apps on your Android device by analyzing apps’ activity patterns. This new approach should help spot apps that hide their malicious activity, or remain invisible until it’s time to start being sneaky.
Google says that at launch, live threat detection is focusing on “stalkerware,” a type of malware that scrapes your personal and sensitive data without your knowledge or consent. However, the company will look into how to identify other types of malware and malicious activity, so the feature will catch even more programs in the future.
If Google Play Protect finds an app it thinks is suspicious, it will send you an alert in real time, something like “Unsafe app found: [App Name] may put your device at risk.” From here, you can determine whether the app seems phishy or not, and, if so, delete it from your device. All of this is powered using Private Compute Core, which Google says enables the company to watch out for users’ privacy and security without collecting user data.
Right now, live threat detection works with Pixel 6 phones and newer. However, Google will roll the feature out to Android devices from other manufacturers “in the coming months.”
Google’s AI-powered scam detection is also rolling out
In the same blog post announcing live threat detection, Google also revealed it is rolling out a public beta for AI-powered scam detection for Pixel 6 and newer models. This feature will work when you’re currently engaged in a call: If Android detects common scam tactics from the other caller, it will ping you with a warning that this is a likely scam. You can tap “End call” from the pop-up to give the would-be scammer an instant boot. Google says this feature is disabled by default, and if you choose to use it, all AI-processing happens on-device, so Google doesn’t actually take any of your data for this to work.