Google is experimenting with a very particular new security feature on Android, aimed at protecting users from financial fraudwhich are continuously increasing.
This is an offshoot of Google Play Protect automatically analyzes and blocks installing applications that can use certain permissions runtime, often abused in financial fraud. This security mechanism comes into play when the user tries to install the application outside the Play Store, for example from web browsers, messaging apps or file managers.
Let’s talk for example about permissions for SMS and the notificationswhich can be used to intercept OTPs sent by banks or other services, or some authorizations for theaccessibilitywhich can be used to read and interact with the content of the screen, allowing attackers to steal passwords and other sensitive data.
The idea makes sense, but it’s not always easy to distinguish the good ones from the bad ones, for example apps that come from (legitimate) alternative stores, and if scammers find a way to trick the system they might not be subjected to the intended scan.
Then there is the matter of false positives, but also for this reason a limited test is underway only in Singapore. If it is successful, most likely, sooner or later we will see this type of protection here too.
