Play Protect blocked 1.9B malware installs from non-Google sources last year

The number of user attempts to install malware-infected apps from outside the Play Store has gone up from 1.6 billion, reported in 2017 and 2018, to 1.9 billion, last year.
Written by Catalin Cimpanu, Contributor
android mobile malware

Google Play Protect, a malware protection system that comes pre-installed on official Android devices, has blocked more than 1.9 billion malicious app installs that originated from unofficial (non-Google) sources in 2019, such as third-party app stores.

The number is up from 1.6 billion, reported in 2017 and 2018.

The rise in this number suggests two things. First is that Play Protect is better at detected and stopping malware than it was in previous years.

Second, it can also mean that more Android users are being tricked into installing malware-infected apps from outside the Play Store, or are now using third-party app stores to get their apps as they're being blocked from accessing the official store.

Play Protect has improved in the past three years

The ability to detect scan and detect malware in non-Google app installs is a recent feature of the Android OS, one that was added in May 2017.

Image: Google

Before that, users would often end-up installing malware-laced apps from third-party app stores, adult sites, online gambling sites, or various other sites.

To counteract this rising trend, in May 2017, Google launched Play Protect as a new feature that they built right into the official Play Store app.

In its current form, Play Protect has multiple features and functions, but it effectively works as a built-in antivirus program for Android devices that have received a certification to run official Google apps.

By default, Play Protect will (1) scan all the apps installed on a device at regular intervals to make sure app updates don't install malware behind a user's back; (2) scan new app installs originating from the Play Store; but also (3) scan new app installs that originate from any third-party sources.

In 2017, Google said Play Protect scanned 50 billion apps per day, a rate which it maintained throughout 2018 as well.

However, in November 2018, Google added a major upgrade to the Play Protect service by enhancing its database of known malware (PHA, potentially harmful apps) samples.

It did this by beginning to proactively scan the entire internet for APK (Android app) files and index malicious apps, instead of passively waiting until users stumble upon a bad one, like it did before.

Nowadays, Google says Play Protect's daily scan rate has doubled. In a review of its Android security program, published today on Safer Internet Day, Google said that Play Protect now scans over 100 billion Android apps per day.

The rise in daily scans equates to Android's ever-growing userbase, but also to an improvement in device storage, allowing devices to store more apps than before.

In the future, Play Protect's ability to detect bad apps is expected to go up even higher than 1.9 billion. This is because the service got a major boost in November 2019 when Google joined efforts with ESET, Lookout, and Zimperium to create the App Defense Alliance, a partnership to improve malware detections for the Play Store and Play Protect.

Google said Play Protect currently runs on more than two billion Android devices.

Editorial standards