The launch of Android has completely changed the face of third-party application development for mobile. Being an open-source platform, Android provides a full-fledged support for developers to accommodate their freelance projects in Android’s app store, Google Play. However, for getting their apps approved, developers need to get the authenticity of each app by Google for the security its users. An approval process is conducted by the moderation team at Google Play which manually checks each app suggested for contribution.
However, even after gone through a moderation process, implemented for verification of app with various guidelines, about 32 apps were found to be infected in Play Store in April this year. These apps had potentially infected about 5 million devices in Europe and Russia causing threat to the privacy of users. Moreover, Android has been identified as the most vulnerable mobile operating system by a study conducted by F-secure which found 136 known threats for Android OS . 136 out the 149 threats were targeted to Android OS and have been causing privacy problems as well as other issues for its users. The same report also mentions that there was a rise of 50% of malwares for Android in last quarter which clearly indicates that Android is becoming a soft target for attackers due to its features like deep customization, open source and less tedious app approval process.
Google mentions in the guidelines of play store that it does not approve those apps which put the privacy and confidential information on user's device at stake without any security measure. However, VentureBeat recently informed about a trojan app which has the ability to take over the most basic functionality of the device if this app was installed. A hacker can make phone calls from the device, retrieve all stored passwords, and read all the data and information stored on the phone. Bluebox, the company that identified the issue, mentioned the discrepancies in the approval process of an app being the major contributor in spreading these kinds of applications. The presence of large number of infected apps in Google’s Play Store clearly indicates that there is a strong need to upgrade the moderation process of approving an app. Currently Google is informed about the presence of an infected app in its store from the inputs provided by third-party auditors or general users. However, the moderation team of Play Store should concentrate more on checking the functionality and back-end processes of each app including the processes dealing with data, to ensure that these apps are not compromising the privacy of a user at any level.
If referring to the recent statistics of Play Store download, about 50 billion downloads have already been completed from various smart-devices running Android. Moreover, April 2013 stats show that revenue generation of Google Play Store has been increasing from 19% in November 2012 to 27% in April 2013 while the actual value remains unknown. With increasing revenue from its app store, Google should consider in re-drafting its guidelines for approval as well as polish its approval process in order to make the Play Store, malware-free.
via Examiner National Edition Gadgets & Tech Channel Articles http://www.examiner.com/article/google-play-store-need-of-a-strong-approval-policy?cid=roadrunner