Google had a busy 2022 keeping its Play application marketplace free from cybercriminals, reporting on Thursday that it had prevented 1.43 million policy-violating apps from being published.

The company credited the results to a combination of new and improved security features and policy enhancements, including requiring additional identity verification methods (such as phone number and email) before developers can join the popular ecosystem.

Google also highlighted the benefits of its continuous investments in machine learning (ML) systems and app review processes, which it says helped it ban 173,000 malicious accounts and prevent more than $2 billion in fraudulent and abusive transactions.

"We continued to partner with [software developer kits] SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over one million apps on Google Play," the company wrote in a blog post. "With strengthened Android platform protections and policies, and developer outreach and education, we prevented about 500,000 submitted apps from unnecessarily accessing sensitive permissions over the past 3 years."

The company's app security improvement program, a service provided to Google Play app developers to improve the security of their apps, helped developers fix roughly half a million security weaknesses across roughly 300,000 applications.

Meanwhile, the company expanded its Helpline pilot offering phone support to developers and launched the Google Play Developer Community pilot program, where developers can offer guidance and best practices on designing safe apps.

"As the Android ecosystem expands, it's critical for us to work closely with the developer community to ensure they have the tools, knowledge, and support to build secure and trustworthy apps that respect user data security and privacy," the post continued.

In 2019, Google announced the creation of the App Defense Alliance in partnership with ESET, Lookout, and Zimperium, with McAfee and Trend Micro joining recently as partners.

The company has also worked to enhance the Play Integrity API, designed to protect user apps and games from potentially risky and fraudulent interactions, with plans to expand access to automatic integrity protection this year.

Google Play Malware Breaches Persist

Despite Google's ramped up security efforts, the market for malicious Google Play applications and app-takeover tools is thriving.

Malicious actors are still managing to breach defenses, to which the recent deployment of Goldoson malware — which was downloaded 100 million times — attests.

Discovered and named by researchers at McAfee Labs, Goldoson can perform a variety of nefarious activities on Android-based devices, such as performing ad fraud by clicking advertisements in the background without the user's consent or knowledge.

In December 2022, researchers discovered the banking Trojan Godfather, a type of Android malware masquerading as a legitimate application on the Google Play store, which racked up more than 10 million downloads.

Sophisticated malware like SharkBot, which was hidden in apps masquerading as antivirus tools, also proved tricky for Google Play to eradicate, deploying methods like Domain Generation Algorithm (DGA) and geofencing capability to bypass Google's protections.

Pushing Privacy With Updated Terms of Service

There's currently a debate underway as to whether the updated Terms of Service (ToS) for Play — which states Google may remove "harmful" applications from users' devices — goes too far.

The 130-word paragraph focused on malware protection is raising eyebrows among some privacy experts, who argue the language is too ambiguous — the ToS also does not commit Google to tell users when it makes such a deletion.

Back in April, Google also announced Play would hide outdated apps that don't support the latest Android features, part of its Target Level API requirements plan aimed at boosting user security.