Google is expanding on an earlier initiative designed to keep malware-laced apps off your Android devices regardless of whether you downloaded them from the Google Play Store or a third-party marketplace.
If you recall, Google introduced a security feature called Verify Apps way back in 2012. When enabled, the feature will scan apps for malware when you download them. Many saw it as an asset to an open ecosystem that’s had its fair share of security concerns over the years but others argued that its usefulness was limited.
Building on the original concept, the revision now allows Google to periodically check the validity of apps after they have been installed. Should a scan detect an app that is potentially harmful, it’ll notify the user and present the option to uninstall it on the spot.
Android security head Adrian Ludwig told Time that users shouldn’t expect any significant impact on system resources. The scanner will check in every couple of days or so but may also be triggered in the event of suspicious behavior such as premium text messages and root access. It was designed to be lightweight and not something they expect a user to interact with.
Even with the added capabilities, Verify Apps still isn’t enough to keep Android users totally safe and secure from malicious apps and scams. For example, Ludwig said it wouldn’t have detected the recent apps laced with cryptocurrency mining malware or Virus Shield, a top-rated Android security app that actually had zero functionality.
