Google's joins Gang of Four to guard Play Store apps from malware, and maybe not fail so much

Google's joins Gang of Four to guard Play Store apps from malware, and maybe not fail so much

The App Defense Alliance posse will scrutinize Android app code before release


Google, after more than a decade of dealing with Android malware, has formed an alliance with three security companies to help it defend its mobile platform.


The Chocolate Factory on Wednesday announced the App Defense Alliance, by which partners ESET, Lookout, and Zimperium will be able to scan Android apps submitted to Google Play prior to approval and distribution.


In a blog post, Dave Kleidermacher, VP of Android Security and Privacy, said the partnership involves integrating Google Play Protect malware detection systems with the scanning engines of its three partners.


"This will generate new app risk intelligence as apps are being queued to publish," said Kleidermacher. "Partners will analyze that dataset and act as another, vital set of eyes prior to an app going live on the Play Store."


Asked why Google need extra eyes, a company spokesperson said each partner has a unique approach that Google believes will complement its internal tech.


"Google scans each app multiple times before and after publish to the Play Store," a company spokesperson told The Register in an email. "With the App Defense Alliance, we will now consider the union of all detection results, including our own when looking for red flags or bad behavior."


More eyes may help, though Google's efforts in recent years appear to be moving the needle in the right direction. In its 2018 Android Security Report, the company said less than 1 per cent of devices contained potentially harmful applications (PHAs) ..