In order to combat the ever-growing issue of malware / spyware on Android platform, Google has recently developed and launched a new “protect” feature which role is to serve as an active anti-virus software that scans installed applications on your device and sends the information to Google for analysis.
On most devices, users can opt-in to use the feature (if not already enabled) by tapping the menu icon inside Google Play application and tapping Play Protect – from there you could look for information about the status of your device and also enable / disable the feature.
The obvious advantage of using Protect is that it may help prevent users from installing maliciously-behaving applications, especially under the guise of seemingly harmless ones. It also helps Google to quickly catch and filter any app on their Play Store that may serve as a platform for unwanted behavior, such as spyware, ransomeware, etc…
Nevertheless, critics of Protect feature argue that it serves as an excuse for Google to constantly monitor users activity, influencing users to use only Play Store instead of other alternatives – thus basing Google’s monopoly over Android’s mobile applications sphere, and lastly they say, it’s an attempt to bite the mobile anti-virus market share.
In a move that further strengthens the critics suggestion of Google seeking monopoly, starting with Android version 8.0 aka “Oreo”, Google has made it even more tedious to install apps from sources other than Play Store.
But apparently that’s not enough, starting as of yesterday (September 14) Google is offering Android application developers a new suite of APIs (application programming interface) called SafetyNet Verify Apps API so that developers could “determine whether a user’s device is protected by Google Play Protect” and “encourage users not already using Google Play Protect to enable it”[1].
In order to reach the masses, or at least those that have the higher financial weight, Google also made sure to emphasize that “Enterprise-focused apps in particular may benefit from using the Verify Apps API”[1], due to enterprises often higher inclination towards security.