Google already publishes a number of Transparency Reports ranging from political advertising to user information requests by governments around the world. Under “Security and privacy,” the company is adding a new Android Ecosystem Security Transparency Report.
This report is focussed on “efforts to reduce Potentially Harmful Application (PHA) rates on devices and in Google Play.” It specifically covers how often Google Play Protect detects PHAs during routine, full-device scans. The service scans over 50 billion apps a day from both inside the Play Store and outside, with the report featuring data points for both.
The new report also breaks down PHA rates by Android version and country, as well as by market segment (sideloads).
Overall, the rate of malicious apps on users’ devices has steadily declined since 2014 due to improvements like monthly security patches, which Google is working to increase adoption of, and measures like Play Protect.
Continuing the trend from previous years, Android devices that only download apps from Google Play are 9 times less likely to get a PHA than devices that download apps from other sources.
The security of devices that installed apps from outside of Google Play also improved. In 2017, ~0.82% of devices that installed apps from outside of Google Play were affected by PHA; in the first three quarters of 2018, ~0.68% were affected.
Meanwhile, according to Google, the latest versions of Android are less affected by PHAs due to API hardening and security updates.
In particular, newer Android versions—such as Nougat, Oreo, and Pie—are more resilient to privilege escalation attacks that had previously allowed PHAs to gain persistence on devices and protect themselves against removal attempts.
Released quarterly, this Android Ecosystem Security Transparency Report is in addition to the annual Android Security Year in Review. Google plans to introduce more data points detailing the health of the Android ecosystem over time.