Over the past few months, there have been plenty of stories released about Android’s rising malware levels. Specifically, there is evidence that the number of malware threats and infections is increasing on Android smartphones and tablets.
Google, however, is sick of hearing about how infected its prized mobile operating system is and is fighting back against that reputation with cold, hard facts. Google has wanted to do this for a while but did not – until recently – have the measurements to back it up.
Android security chief Adrian Ludwig recently presented some important data about Android and its open ecosystem. Adrian explained that Google hasn’t sacrificed user security in favor of an open ecosystem. Instead, they’ve created an innovative security system that ends up being more effective than most walled gardens.
Specifically, Adrian and his team analyzed 1.5 billion Google Play Store downloads and found that the total number of safe Google Play Store installs vastly outnumbered the total number of dangerous Google Play Store downloads despite the growing number of Google Play Store downloads.
Only 0.12% of Android apps have characteristics that Google labels as “potentially harmful.” Furthermore, the vast majority of the apps that have “potentially harmful” characteristics are innocent, high-quality apps.
In other words, the actual number of malicious apps on the Google Play Store – which is a totally open any marketplace where any app can be installed – is far less than 0.12%.
“Android is almost impenetrable to malware”
The above picture shows a few of the steps that apps go through before being installed on users’ devices. It’s an innovative approach that involves the outer layer – the Google Play Store – being totally open to malware, while the lower layers are tighter and tighter.
The end result is that Android security chief Adrian Ludwig was able to report “data showing that less than an estimated 0.001% of app installations on Android are able to evade the system’s multi-layered defenses and cause harm to users.”
Adrian also explained why it’s virtually impossible for Google to take a walled garden approach to app security on Android:
“A walled garden systems approach blocking predators and disease breaks down when rapid growth and evolution creates too much complexity. Android’s innovation from inside and outside Google are continuous, making it impossible to create such a walled garden by locking down Android at the device level.”
In other words, there are too many different Android devices and versions for Google to think about taking a walled garden approach. In spite of that fact, Google has come up with a totally new security model that ends up being equally as effective – if not more so – than other mobile security environments.
That’s impressive. And the most important thing for you is that it means your Android is way safer than you think.