Apps downloaded from third party sources besides the Play Store (or warez as we call them) have been a cause of concern for Google for long. Although Android was built on the premise of providing its users with an open source Operating System which gave you the freedom to modify or personalize your device, the popular OS has run into a few troubles as of late.
With Play Store suffering from various Malware and Adware attacks recently, one can all but imagine the number of vulnerable apps carrying numerous modified lines of code in them running rampant on the third party websites.
While Google already has prioritized the safety of its apps on the Play Store in its latest Security Bulletin, the Californian giant took a step further and introduced new security protections to protect users from unverified apps.
What started as a dynamic risk assessment of WebApps has now evolved to encompass all types of applications. Google has now rolled out an ‘unverified app’ screen for newly created WebApps and Scripts requiring apt verifications. The new screen replaces the ‘error’ page that developers and users of unverified WebApps used to get.
The ‘unverified app’ screen now precedes the permissions consent screen for the app and lets the potential users know that the app has yet to be verified saving the users from phishing attacks and information thefts.
Similarly, new Application scripts requesting authentication access (OAuth Consent) to data from users in other domains will also be greeted by the ‘unverified app’ screen.
Furthermore, users will now notice new dialog box reminding them to ‘consider whether you trust’ an application before granting it Authorization, as well as a banner identifying web pages and forms created by other users.
This may turn out to be immensely helpful for casual users in scenarios when a malicious app attempts to sabotage your information by tricking you into providing credentials for any website.
Google is closing down on third party apps and SafetyNet bypassing modules alike hinting at Google’s desire for a relatively closed and secure Android OS.
Although Google has been making minor changes in Android ever since Android 7.0 Nougat came out citing security concerns making it difficult for users to root or flash modules like Xposed on their devices, it yet remains to be seen if there will be any pushback from the Android community.