Google starts blocking users from downloading certain apps in Singapore


To reduce financial scams, Google has launched a new program to prevent users from downloading certain apps in Singapore. The company seeks to block downloaded apps that abuse Android permissions to read one-time passwords received via SMS and notifications.

Google said there are four sets of permissions that bad actors exploit to commit financial fraud. According to the company’s investigation, most of these apps are downloaded and installed manually on the device, and not through the Play Store.

“Fraudsters frequently abuse these permissions to intercept one-time passwords via SMS or notifications, as well as to spy on on-screen content. Based on our analysis of the top rogue malware families that exploit these sensitive execution permissions, we found that more than 95% of installations came from sideloading sources across the Internet,” the company said in a blog post.

The search giant said that when a user in Singapore attempted to install such an app, Google would automatically block the attempt with a pop-up message saying: “This app may request access to sensitive data.” This can increase the risk of identity theft or financial fraud.

Image credits: Google

Google developed this driver in collaboration with the Cyber ​​Security Agency of Singapore (CSA) as part of its Play Protect program.

Last October, the company announced a real-time analysis protection function – with the first deployment in India – to prevent users from downloading malicious apps. In November, TechCrunch performed a test with more than 30 different malicious applications. And although Google’s protection feature blocked most of them, some predatory lending apps were successfully installed.

“With this recent enhancement, we’re adding real-time, code-level scanning to Google Play Protect to combat new malicious apps, whether the app was downloaded from Google Play or elsewhere,” the spokesperson said. Google, Scott Westover, in a press release. email TechCrunch at that time. “These features will continue to evolve and improve over time as Google Play Protect collects and analyzes new types of threats facing the Android ecosystem.”

Since then, Google has expanded the real-time analytics feature to new regions, including Thailand, Singapore, and Brazil.

With the latest announcement, Google has alerted developers that their Apps must not violate the Mobile Unwanted Software Principles and must follow directions. The company said it plans to expand the pilot program to other countries.

“We’re constantly improving our protections to keep Android users safe around the world. In collaboration with the ASC, we will closely monitor the results of the pilot program to assess its impact and make any necessary adjustments. We are open to expanding the pilot to other countries in the future if we see similar interests and needs for user protection,” Eugene Liderman, director of Android security strategy at Google, told TechCrunch in a press release.

Fraudulent loan apps have been a problem for Google in geographies like India and Africa. In India, Google faces scrutiny predatory lending apps and their representatives harassed people for reimbursement, pushing some to suicide.

Last year, Google introduced a new policy prohibiting lending apps from access user photos and contact details.


Leave a Comment

Your email address will not be published. Required fields are marked *