Google blocked 2.3M apps from Play Store last year for breaking the G law
Third of a million developer accounts kiboshed, too
Google says it stopped 2.28 million Android apps from being published in its official Play Store last year because they violated security rules.
The stat comes from the Chocolate Factory's latest report, in which the ad biz said its "investment in new and improved security features, policy updates, and advanced machine learning and app review processes," had helped find malicious code before it could get in the Store.
These policy updates included refreshed rules tackling AI apps, bothersome notifications, and privacy. Google put particular emphasis on its new requirement for devs to allow the deletion of account data without needing to reinstall an app. Plus, app devs had to provide more info about themselves and meet the latest testing requirements.
The Google security team's new toys and rules not only helped it prevent 2.28 million potentially malicious apps from being published on Google Play, but also assisted in bringing down the ban hammer on 333,000 accounts, or so we're told. Google also rejected a further 200,000 apps for not handling sensitive permissions properly.
Compared to the Chocolate Factory's report in 2022, app rejections went up 850K, from 1.43 million. It's unclear how many apps were rejected for sensitive permissions issues in 2022, but the report says Google blocked 500K apps from 2020 to 2022 in total.
The Android owner attributes its success to better security tools and policies, which is also what it said in 2022. A difference in counting methodology may explain the large increase in app rejections for security issues, as Google points out it now measures violations based on communications sent, which is what the EU's Digital Services Act mandates. It's not entirely clear how comparable 2023's figures are to 2022's.
Of course, Google didn't catch every violation last year. For example, a screen recording app received an update in August 2022 to make it more of a snooping app, and Google was totally unaware of it until ESET warned them in May of last year. El Reg archives are filled with examples of bad apps that made it into the Android Play Store, so if Google's putting a decent roadblock in front of that stuff, it's about time. ®