a new way which will protect its
from potential financial fraud. The tech giant has started testing the enhanced financial
Google Play Protect
Google has started testing the feature with some users. The company has revealed that during the pilot, when a user in Singapore attempts to install an application from an Internet-sideloading source and any of these four permissions are declared, Play Protect will automatically block the installation with an explanation to the user.
Google has revealed that the enhanced fraud protection will automatically block the installation of apps that ask for sensitive permissions. “This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for
when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers),” said the company in a blog post.
The company also mentioned that the enhancement will inspect the permissions the app declared in real-time and specifically look for four runtime permission requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility.
The above mentioned permissions are frequently abused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on screen content.
Google has partnered with the Cyber Security Agency of Singapore (CSA) for the testing of the feature. “Together with CSA, we will be closely monitoring the results of the pilot program to assess its impact and make adjustments as needed. We will also support CSA by continuing to assist with malware detection and analysis, sharing malware insights and techniques, and creating user and developer education resources,” added the company.
The enhanced fraud protection functionality of Play Protect will be soon rolled out for Android users with the Google Play services.