By Krish Vitaldevara, director of trust and security product management at Google Play
Providing a secure experience for billions of users and millions of Android developers has been one of Google Play’s top priorities for years. Last year, we rolled out new policies, improved our systems, and further optimized our processes to better protect our users, support great developers, and strengthen our ability to guard against malicious apps and developers. In addition, Google Play protection will be scanning more than 100 billion installed apps for malware on billions of devices every day in 2020.
Users come to Google Play to find useful, reliable applications for a variety of needs, from COVID-19 vaccine information to new forms of entertainment, grocery delivery, daily communication, and more.
As a result, we have launched a number of policies and developer support programs to continue to improve the quality of information on our platform and reduce the risk of misinformation harming users.
- Requirements for COVID-19-related applications: In order to protect public safety, information reliability and privacy, we have issued specific guidelines for COVID-19-related applications. We require applications that relate to sensitive user data, such as those that provide testing information, to be approved by an official government entity or medical institution and to meet high standards for user data privacy.
- Press Policy: In order to improve transparency in press releases, we have outlined the minimum requirements that developers must meet to declare their app as a “news” app on Google Play. By providing users with application-related information, these guidelines can help increase transparency and accountability.
- Election Support: We have a dedicated team on Google Play and set up a dedicated process for elections to provide additional support and adapt to changing circumstances. This includes additional support for government agencies, specially trained app reviewers, and a security team to deal with election-related threats and abuses.
The core work around identifying and mitigating malicious applications and developers is also evolving to address emerging forms of adversarial behavior and abuse. Our machine learning detection system and enhanced app review process prevented more than 962,000 app violations from being released on Google Play. We’ve also banned 119,000 accounts belonging to developers of malicious and spam apps. In addition, we have significantly increased our efforts to address software development kit (SDK) related violations, as we have found that they have a significant impact on security and user data privacy.
Last year, we continued to work to reduce developer access to sensitive permissions. In February, we announced a new background location information policy to ensure that applications that request permission actually need this data to deliver clear value to their users. As a result of the new policy, developers will now have to explain the benefits of getting location information in the background and inform users in a prominent position, or their apps will risk being removed from Google Play. We have already started addressing applications that do not comply with the new policy guidelines and will update the use of this permission in the future.
We’re also investing constantly to protect children and help parents find quality content. In 2020, we launched a new “Kids” TAB showing apps that have been “Teacher Approved”. To evaluate applications for children, we worked with experts and teachers from across the United States, including our principal advisors Joe Blatt (Harvard Graduate School of Education) and Dr. Sandra Calvert (Georgetown University).
As we continue to protect people from apps that contain harmful content, malicious behavior, and privacy threats, we are equally committed to providing a trusted experience for Google Play developers. For example, we have improved the process for providing information about enforcement actions, significantly reducing the number of developer appeals and increasing their satisfaction. We’ll continue to improve the speed and quality of our communication with developers, and we’ll hear more feedback on how we can further engage and help our trusted developers improve. Android developers can expect to see more of this in the coming year.
Our global team of product managers, engineers, policy experts, and operations leaders is more excited than ever to improve the security of our platform and build lasting trust with our customers. We look forward to making the Google Play experience even better.