‘Click fraud’ was the most common PHA with 54.9 per cent of attacks
Google last year paid out $3 million through its rewards programmes, which pay cash
to people who can spot security vulnerabilities in its apps and products.
This money helped it reduce the proportion of devices using Google Play that are hit by potentially harmful applications (PHAs) to 0.08 per cent.
The company’s fifth Android security and privacy review found that eight times more devices were affected by PHAs on devices that installed apps from outside Google Play.
This meant 0.68 per cent of these devices were affected, although this was an improvement from 0.8 per cent the year before.
The report also found that Google Play Protect blocked more than 1.6 billion PHA install attempts from outside Google Play last year.
Google Play Protect, which debuted in 2017, scans more than 50 billion apps every day across more than two billion Android devices.
While the number of PHAs installed last year increased, Google insisted this was due to ‘click fraud’ being added as a PHA category for the first time.
‘Click fraud’ was the most common PHA category in Google Play, representing 54.9 per cent of attacks. Trojan attacks (16 per cent) and SMS fraud (6.8 per cent) were the next most common.
Google has also stepped up its efforts in security updates in the past year, with 84 per cent more devices receiving updates in the fourth quarter of 2018 compared with the same quarter of 2017.
The two latest versions of Android were the least likely to receive PHAs.