Blog Post

Google Scanning Apps In Android Market For Malware To Improve Security

Google (NSDQ: GOOG) has a dilemma when it comes to the Android Market: its permissive no-review-necessary policy means that anyone can write nearly any kind of application for the platform, including malware. The company is introducing a new service Thursday that attempts to strike a balance between protecting Android users from malware while still offering developers more freedom than Apple’s app review policy.

The service is called Bouncer, and much like the burly guy standing watch over a crowded bar, the idea is to weed out undesirables by scanning applications as they are uploaded to the Android Market. Google said in a blog post that it is revealing the service for the first time Thursday, and a company representative confirmed it has been up and running for a few months.

It works like this: developers upload their apps to the Android Market as they always have. But behind the scenes, Google will scan those applications for known characteristics of malware, spyware, or Trojans, the company said. It will also simulate the behavior of each uploaded application on Google’s internal servers in order to detect whether or not the app is collecting and/or distributing personal information without informing the user.

Android malware in general is growing, thanks to the proliferation of several different app stores and the open development policy that Google has always employed when it comes to Android. But Google said it has reduced the amount of malware in the Android Market by 40 percent over the course of 2011.