Android 15 has officially rolled out to millions of Pixel devices, ushering in a wave of enhancements primarily focused on security and privacy. While the upgrade boasts several improvements, two significant features are notably absent. One, a long-term security enhancement known as Google’s mobile network security, is still in development and will not be available for some time. The other, however, is set to arrive imminently and could lead to the disabling of problematic apps on devices before the year concludes.
Enhanced Security Features on the Horizon
The forthcoming feature is Google Play’s live threat detection, which promises to elevate Android security to new heights. The tool will analyze behavioral signals associated with the use of sensitive permissions and with interactions among apps and services. Should it detect suspicious activity, Google Play Protect will send the app for further review and, if malicious behavior is confirmed, alert users or disable the app.
Currently, Google Play Protect scans an impressive 200 billion Android apps daily. The addition of live threat detection will introduce a new layer of immediacy, enabling early checks on devices to enhance fraud and abuse detection against apps that attempt to obscure their actions. This process will leverage on-device AI processing through Google’s Private Compute Core, ensuring user privacy remains intact.
While the removal of blatantly harmful apps is certainly a positive step, the potential to combat permission abuse is particularly noteworthy. Permission abuse has long plagued the Android ecosystem, with many popular apps requesting access to more permissions than necessary, leading to rampant data harvesting.
Recent findings from Cyber News highlighted that “popular apps see no limits” when it comes to requesting dangerous permissions. An analysis of 50 widely-used apps revealed that accessing photos and videos was the second most abused permission, with a staggering 30 of the apps requesting it. This level of access poses significant risks, as malicious actors could exploit it to exfiltrate sensitive files, including photos, videos, and documents.
This is precisely the kind of permission misuse that Google’s new on-device protection aims to monitor. The question arises: why do apps require access to media files when it is not essential for their core functionality? Access to photos is particularly sensitive, and despite Google’s ongoing efforts to restrict such permissions, success has been limited.
In response to these challenges, Google introduced the Photo Picker API with the launch of Android 13 in 2022. This API allows apps to request access to specific photos or videos without needing to access the entire media gallery, catering to instances where access is infrequent or one-time. However, adoption of this API among developers has been sluggish, with many continuing to utilize outdated systems that necessitate broad access to media files.
In a significant policy shift, Google has now made use of the Photo Picker mandatory. At its recent I/O event, the company announced that apps on the Play Store must demonstrate a legitimate need for permissions that grant broad access to photos or videos. This policy is set to take effect imminently, with developers required to submit a declaration form to qualify for such permissions, or to remove them if access is infrequent.
As of late September, Google began prompting developers to comply with this new directive, with a deadline for submission looming at the end of the month. Those who fail to meet this requirement will be barred from updating their apps on the Google Play Store. While some leniency may be granted until the end of the year for certain apps, the timeline remains tight.
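For developers and reviewers checking an app against this policy, the following is an added example (not from the article or from Google) that audits a decoded, text-form AndroidManifest.xml for gallery-wide read permissions. The permission names READ_MEDIA_IMAGES, READ_MEDIA_VIDEO and READ_EXTERNAL_STORAGE are real Android permissions that the article does not name; the verdict labels, the function name and the sample manifest are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Android 13+ permissions that grant read access to the whole photo/video library.
BROAD_MEDIA = {"android.permission.READ_MEDIA_IMAGES",
               "android.permission.READ_MEDIA_VIDEO"}
# Pre-Android 13 storage permission; commonly capped with maxSdkVersion="32".
LEGACY = "android.permission.READ_EXTERNAL_STORAGE"
PERMISSION_TAGS = ("uses-permission", "uses-permission-sdk-23")


def audit_manifest(xml_text):
    """Return (permission, maxSdkVersion, verdict) for each media-read permission.

    Verdict labels are constructed for this example:
      broad-media     - gallery-wide access; justify it or move to the Photo Picker
      legacy-capped   - legacy storage read, limited to API 32 and below
      legacy-uncapped - legacy storage read with no maxSdkVersion cap
    """
    # Use a hardened parser (e.g. defusedxml) when the manifest is untrusted.
    root = ET.fromstring(xml_text)
    findings = []
    for tag in PERMISSION_TAGS:
        for node in root.iter(tag):
            name = node.get(ANDROID + "name", "")
            raw_max = node.get(ANDROID + "maxSdkVersion")
            max_sdk = int(raw_max) if raw_max and raw_max.isdigit() else None
            if name in BROAD_MEDIA:
                verdict = "broad-media"
            elif name == LEGACY and max_sdk is not None and max_sdk <= 32:
                verdict = "legacy-capped"
            elif name == LEGACY:
                verdict = "legacy-uncapped"
            else:
                continue  # not a media-read permission
            findings.append((name.rsplit(".", 1)[-1], max_sdk, verdict))
    return findings


# Constructed sample manifest (hypothetical app).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_MEDIA_IMAGES"/>
  <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"
      android:maxSdkVersion="32"/>
  <uses-permission android:name="android.permission.READ_MEDIA_VIDEO"/>
</manifest>"""

if __name__ == "__main__":
    for perm, max_sdk, verdict in audit_manifest(SAMPLE):
        print(f"{verdict:16} {perm} (maxSdkVersion={max_sdk})")
```

The manifest inside a built APK is binary XML, so decode it to text first; merged manifests can also pull in these permissions from third-party libraries.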
This decisive action is a welcome development, as enforcing a broad change can often yield better results than gradual adjustments. Had developers embraced the Photo Picker API earlier, a more nuanced approach might have been feasible. Nevertheless, with the prevalence of permission abuse highlighted in the Cyber News report, it is clear that a firm stance was necessary.
Google has confirmed that the live threat detection feature is expected to be deployed to devices later this year, with Pixels and select other OEMs being the first to benefit. As we await the rollout, the focus will be on how rigorously Google enforces its crackdown on sensitive permission abuse. Concurrently, the Play Store has seen a reduction in low-quality, high-risk apps, indicating a serious commitment to improving the overall quality of the app ecosystem. The imminent changes surrounding photo permission abuse are poised to make a significant impact in the near future.