Google has started blocking users in Singapore from sideloading certain apps


To reduce financial scams, Google has launched a new program in Singapore to prevent users from sideloading certain apps. The company is looking to block sideloaded apps that abuse Android permissions to read one-time passwords received via SMS and notifications.

Google said there are four sets of permissions that bad actors use to commit financial fraud. According to the company’s survey, most of these apps are sideloaded, installed manually on the device — not through the Play Store.

“These permissions are often misused by fraudsters to intercept one-time passwords via SMS or notifications, as well as spy on on-screen content. “Based on our analysis of the major fraudulent malware families that exploit these sensitive runtime permissions, we found that more than 95 percent of installations came from Internet-sideloading sources,” the company said in a blog.

The search giant said that when a user in Singapore tries to install such an app, Google will automatically block the attempt with a message pop-up that reads: “This app may access sensitive data.” Can request. “This could increase the risk of identity theft or financial fraud.”

Image Credit: Google

Google developed this pilot in collaboration with the Cyber ​​Security Agency of Singapore (CSA) as part of its Play Protect program.

Last October, the company had announced a real-time scanning security feature with its first-ever rollout in India to prevent users from sideloading malicious apps. In November, TechCrunch conducted a test with over 30 different malicious apps. And while Google’s security feature blocked most of them, some predatory loan apps got installed successfully.

“With this recent enhancement, we’re adding code-level real-time scanning to Google Play Protect to combat new malicious apps, regardless of whether the app is from Google Play or elsewhere,” Google spokesperson Scott Westover said in a statement. Has been downloaded.” Email TechCrunch at that time. “These capabilities will continue to evolve and improve over time, as Google Play Protect collects and analyzes new types of threats facing the Android ecosystem.”

Since then, Google has expanded the real-time scanning feature to new regions including Thailand, Singapore, and Brazil.

With the latest announcement, Google alerted developers that their apps should not violate mobile unwanted software principles and follow the guidelines.

Fraudulent loan apps have been a problem for Google in geographies like India and Africa. In India, Google faces scrutiny as predatory loan apps and their representatives harass people for repayment, leading some to commit suicide.

Last year, Google introduced a new policy to prevent loan apps from accessing users’ photos and contact details.

Source link

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *