Google Unveils Advanced AI Malware Detection for Android

Sophia Taylor

By Sophia Taylor


Google is gearing up to tackle the persistent issue of malware on Android devices with a new live threat detection service. This service utilizes Google Play Protect’s on-device AI to scrutinize apps for malicious activities. Announced during the Google I/O developer event, this system assesses various signals from an app, such as its use of sensitive permissions and interactions with other apps and services.

When suspicious behavior is detected, Google Play Protect can escalate the app for further review by Google. Additionally, it can warn users who have the app installed or even disable the app if necessary.

Google Play Protect is included on every Android device that has Google Play Services, which covers the majority of the 3 billion-plus active Android devices worldwide. According to Google, it currently scans 125 billion apps each day.

A key component of this new feature is Google’s Private Compute Core (PCC), first introduced in 2022. The PCC provides an isolated data processing environment within the Android operating system, allowing users to control how and when their data is shared. This ensures that the live threat detection feature can protect users without compromising their data privacy.

Image Credit: Google

Google plans to roll out this system later this year on Google Pixel devices, with other manufacturers like Oppo, Honor, Lenovo and OnePlus expected to follow suit.

This initiative aims to reassure Android users about the safety of downloading and using apps from Google Play. While it would be ideal for malware to be caught during app review, this new service adds an extra layer of protection. Apple has long emphasized its App Store’s stringent review process to weed out malicious apps, claiming in a recent announcement to have prevented over $7 billion in fraud between 2020 and 2023.

Alongside the live threat detection service, Google is introducing additional security measures. One-time passwords will now be hidden from notifications to reduce a common attack vector for fraud and spyware. Moreover, Android 13’s restricted settings will be expanded to require additional user approval for app permissions when sideloading apps.

With these enhancements, Google aims to fortify the security of the Android ecosystem, providing users with greater confidence and protection against malicious threats.