Posted by Suzanne Frey – VP, Product, Belief & Development for Android & Play
Realizing that you just’re constructing on a secure, safe ecosystem is important for any app developer. We repeatedly put money into defending Android and Google Play, so hundreds of thousands of customers world wide can belief the apps they obtain and you’ll construct thriving companies. And we’re devoted to repeatedly bettering our developer instruments to make world–class safety even simpler to implement.
Collectively, we’ve made Google Play one of many most secure and most safe platforms for builders and customers. Our partnership over the previous few years contains serving to you:
At present, we’re excited to share extra about how we’re making it simpler than ever for builders to construct secure apps, whereas additionally persevering with to strengthen our ecosystem’s safety in 2025 and past.
Making it simpler so that you can construct safer apps from the beginning
Google Play’s insurance policies are a crucial element of guaranteeing a secure expertise for our shared customers. Play Console pre-review checks are an effective way to resolve sure coverage and compatibility points earlier than you submit your app for assessment. We just lately added the power to test privateness coverage hyperlinks and login credential necessities, and we’re launching even extra pre-review checks this yr that will help you keep away from widespread coverage pitfalls.
That will help you keep away from coverage issues earlier than you submit apps for assessment, we’ve been notifying you earlier about sure insurance policies related to your apps – beginning proper as you code in Android Studio. We at the moment notify builders by way of Android Studio about a number of key coverage areas, however this yr we’ll increase to a a lot wider vary of insurance policies.
Offering extra coverage help
Appearing in your suggestions, we’ve improved our coverage expertise to offer you clearer updates, extra time for substantial adjustments, extra versatile necessities whereas nonetheless sustaining security requirements, and extra useful data with reside Q&A’s. Quickly, we’ll be making an attempt a brand new approach of speaking with you in Play Console so that you get data whenever you want it most. This yr, we’re investing in much more methods to get your suggestions, enable you perceive our insurance policies, navigate our Coverage Middle, and assist to repair points earlier than app submission by way of new options in Console and Android Studio.
We’re additionally increasing our in style Google Play Developer Assist Neighborhood, which noticed 2.7 million visits final yr from builders seeking to discover solutions to coverage questions, share data, and join with fellow builders. This yr, we’re planning to increase the neighborhood to incorporate extra languages, corresponding to Indonesian, Japanese, Korean, and Portuguese.
Defending your corporation and customers from scams and assaults
The Play Integrity API is a necessary software to assist defend your corporation from abuse corresponding to fraud, bots, dishonest, and knowledge theft. Builders are already utilizing our new app entry threat function in Play Integrity API to make over 500M every day checks for probably fraudulent or dangerous conduct. In truth, apps that use Play Integrity options to detect suspicious exercise are seeing an 80% drop in unauthorized utilization on common in comparison with different apps.
This yr, we’ll proceed to improve the Play Integrity API with stronger safety for much more customers. We just lately improved the know-how that powers the API on all units operating Android 13 (API degree 33) and above, making it sooner, extra dependable, and extra personal for customers. We additionally launched enhanced safety indicators that will help you resolve how a lot you belief the surroundings your app is operating in, which we’ll robotically roll out to all builders who use the API in Might. You possibly can decide in now to begin utilizing the improved verdicts in the present day.
We’ll be including new options later this yr that will help you cope with rising threats, corresponding to the power to re-identify abusive and dangerous units in a approach that additionally preserves consumer privateness. We’re additionally constructing extra instruments that will help you information customers to repair points, like in the event that they want a safety replace or they’re utilizing a tampered model of your app.
Offering extra validation in your app
For apps in choose classes, we provide badges that present an additional layer of validation and join customers with secure, high-quality, and helpful experiences. Constructing on the work of final yr’s “Authorities” badge, which helps customers determine official authorities apps, this yr we launched a “Verified” badge to assist customers uncover VPN apps that take further steps to reveal their dedication to safety. We’ll proceed to increase on this and add badges to extra app classes sooner or later.
Partnering to maintain children secure
Whether or not your app is particularly designed for teenagers or just attracts their consideration, there may be an added duty to make sure a secure and trusted expertise. We need to associate with you to maintain children and teenagers secure on-line, and defend their privateness, and empower households. Along with Google Play’s Instructor Accepted program, Households insurance policies, and instruments like Limit Declared Minors setting throughout the Google Play Console, we’re constructing instruments like Credential Supervisor API, now in Beta for Digital IDs.
Strengthening the Android ecosystem
Along with serving to builders construct stronger, safer apps on Google Play, we stay dedicated to defending the broader Android ecosystem. Final yr, our investments in stronger privateness insurance policies, AI-powered risk detection and different safety measures prevented 2.36 million policy-violating apps from being revealed on Google Play. In contrast, our most up-to-date evaluation discovered over 50 instances extra Android malware from Web-sideloaded sources (like browsers and messaging apps) than on Google Play. This yr we’re engaged on methods to make it even more durable for malicious actors to cover or trick customers into dangerous installs, which is not going to solely defend your corporation from fraud but in addition assist customers obtain your apps with confidence.
In the meantime, Google Play Shield is all the time evolving to fight new threats and defend customers from dangerous apps that may result in scams and fraud. As it is a core a part of consumer security, we’re doing extra to maintain customers from being socially-engineered by scammers to show this off. First, Google Play Shield reside risk detection is increasing its safety to focus on malicious functions that attempt to impersonate monetary apps. And our enhanced monetary fraud safety pilot has continued to increase after a profitable launch in choose nations the place we noticed malware primarily based monetary fraud coming from Web-sideloaded sources. We’re planning to increase the pilot all through this yr to extra nations the place we’ve seen larger ranges of malware-based monetary fraud.
We’re even working with different leaders throughout the {industry} to guard all customers, it doesn’t matter what system they use or the place they obtain their apps. As a founding member of the App Protection Alliance, we’re working to determine and promote industry-wide safety requirements for cell and net functions, in addition to cloud configurations. Lately, the ADA launched Software Safety Assessments (ASA) v1.0, which gives clear steering to builders on defending delicate knowledge and defending in opposition to cyber assaults to strengthen consumer belief.
What’s subsequent
Please preserve the suggestions coming! We recognize realizing what could make our builders’ experiences extra environment friendly whereas guaranteeing we keep the best requirements in app security. Thanks in your continued partnership in making Android and Google Play a secure, thriving platform for everybody.