On the second day of the Google I/O 2024 conference, Google said Wednesday that it will add new security and privacy protections to Android, including live on-device threat detection to detect malicious apps, new screen sharing safeguards, and a Better security against Cell Site Simulators.
The company said it is increasing the device’s ability of its Google Play Protect system to detect rogue apps that try to violate sensitive permissions. It also uses AI to detect if applications try to interact with other services and applications in an unauthorized manner.
Google said that if the system is sure of malicious behavior, it automatically disables the app. Otherwise, alert the company for a review and then alert the users.
The company said the system uses Private Compute Core, a sandbox to securely process data from sensors such as a microphone, camera and display. Several OEMs in the Android ecosystem, including Google, Oppo, Honor, Lenovo, OnePlus, Nothing, Transsion, and Sharp, will implement live threat detection later this year.
In October, Google introduced a system to automatically scan downloaded apps for fraudulent behavior and alert users. However, TechCrunch found that the tool was unable to scan all potentially dangerous apps.
“Live threat detection will observe the behavior of all apps on your device, regardless of their installation source, and continually look for signs of abuse and malicious behavior. “It is especially useful for detecting apps that could cloak or obfuscate your behavior to avoid detection,” a Google spokesperson said.
New protections for Android 15
Google is making it harder for downloaded apps to directly access sensitive permissions. To do this, it is expanding Android 13’s restricted settings feature to include downloaded apps, web browsers, messaging apps, and file managers. This means that users will need to explicitly allow certain permissions to access these apps after installation.
The search giant is also working on features to prevent rogue apps from reading one-time passwords (OTPs). With Android 15, Google will hide codes in notifications by default. The only expectation of this change is for portable companion applications.
The company also hides the content of notifications from participants during a remote screen sharing session. Similarly, entering a username and password will hide the screen from remote viewers.
With Android 15, users can choose to share content from an app during a screen share instead of sharing all activities on their devices. The feature is currently available on Pixel phones.
Advanced security against network threats
Google is adding protections against threats posed by cell site simulators that spy on network activity such as calls and SMS. The company will now notify users about unencrypted cellular networks to save them from SMS fraud.
The company said it would also notify users such as journalists or dissidents if a proxy cell station attempted to monitor their activity.
