Google is upgrading the Play Integrity API for Android app developers to be faster and more secure.
The Play Integrity API helps developers “check that interactions and server requests are coming from your genuine app binary running on a genuine Android device.” It can help applications detect fraud, bots, cheating, and data theft. Google notes that apps using Play Integrity “have seen 80% less unauthorized usage on average compared to other apps.”
By detecting potentially risky and fraudulent interactions, such as from tampered app versions and untrustworthy environments, your app’s backend server can respond with appropriate actions to prevent attacks and reduce abuse.
Google is now updating the Play Integrity API to be “faster, more reliable, and more private” on devices running Android 13 and newer. There are three aspects:
- “The improved verdicts will require, and make greater use of, hardware-backed security signals using Android Platform Key Attestation, making it significantly harder and more costly for attackers to bypass.”
- “We’ll also be adjusting verdicts when we detect security threats across Android SDK versions, such as when there is evidence of excessive activity or key compromise, without requiring any developer work.”
- “And now, Play Integrity API will have the same level of reliability and support across all Android form factors.”
This new approach results in an approximately 90% reduction to the “device signals that need to be collected and evaluated on Google servers,” which speeds up the verdict process by up to ~80%.
Meanwhile, apps can optionally check whether a device has a recent security update (within the last year).
App developers can already opt-in to this new Play Integrity API approach, with everyone getting upgraded in May 2025.
FTC: We use income earning auto affiliate links. More.
Comments