Let's face it. As much as we love Android, it hasn't exactly been the most secure mobile platform on the planet. Sure, nothing is exactly and perfectly secure, even the walled garden that is iOS but Android has been notorious for making things a little bit easier for miscreants. Of course, that only means that Google has to work incessantly on security and keep vigil over its territory and, today, it's giving itself a pat on the back for a job well done in 2014.
Majority of the security problems on Android can be traced back to malware, almost all of which masquerade as legit apps. It stands to reason then, that rooting out and blocking these apps are key to cutting off the spread of malware. Aside from regularly scanning Google Play Store itself, Google also scans apps during and after installation on a device. This is made possible by Android's "Verify Apps" feature which, in theory, warns and blocks apps that it deems to be harmful, or what Google calls "Potentially Harmful Apps" or PHAs.
But Verify Apps is only half the story and only scans apps that are installed via Google Play Store. Considering there are other app markets out there, plus the ability to install APKs directly, Android needs a safety net to fall back on. Quite appropriately, Google calls this feature "Safety Net". Like Verify Apps, Safety Net looks for PHAs on your device, regardless of whether they came from Google Play Store, F-Droid, or APKs. It does so by scanning the device itself at regular intervals, by default at least once per week, to root out would be problems, both in apps as well as network attacks.
Now, contrary to normal reaction to this device scanning procedure, there is little reason to start becoming paranoid about Google intruding on your privacy. At least, depending on how much trust you ascribe to the Android maker. Google claims that it only scans enough information to ascertain the security of the device and nothing more. It neither scans personal information or even location, though it does try to detect the locale (language) of the device to see if there is anything amiss.
And it seems to have worked! Google boasts of a few of its achievements in the security arena last year. Of course, these are numbers from Google itself, so its up to you how much salt you will take with it. Of the over 1 billion devices that are protected by Android's security system, only 1 percent had a PHA. That number is even lower, down to 0.15 percent when you consider only those that actually install from Google Play Store and thus utilize the Verify Apps security feature. The rate of actual PHAs that got installed went down considerably down to 50 percent between the first and last quarter of 2014.
Those are definitely impressive and encouraging numbers, but some might be fixated on the fact that Google is scanning their device regularly, even for a worthy cause. Fortunately, Google lets you shoot yourself on the foot and disable this security checks yourself. On most devices, you can navigate through the phone's Settings, drill down to the Security section and disable the Verify apps features. On Nexus devices, particularly those already on Android Lollipop, the same setting could be found inside the separate Google Settings app instead. Of course, if you do so, be aware that you are practically on your own when it comes to security your phone as well as your data.
SOURCE: Google