Google is increasing security on the Android platform via the launch of its new Google Play App Security Improvement Program. The company calls this new program “the first of its kind,” and it involves two core components: information for developers about ways to make secure apps, and alerting developers about any security (or possible security) issues when the apps are uploaded to the Google Play Store.
With this new program, Google says all apps will be scanned for “safety and security” before they are accepted into the Google Play Store. These scans will also look for potential security issues in additional to existing ones, and notify the developer if anything is found. Once an app is accepted into the store, it will be “continuously” rescanned for any new threats that may arise.
Developers who do get their app flagged will be emailed an alert and will get a notification in the Google Play Developer Console. The alert will have links to a support page that gives information on how to make the app more secure. Developers can upload the new version of the app in the console with a new version number and will, after a few hours and assuming no new threats are found, have the app accepted.
If the app is already live in the store, Google says the notification will “typically…include a timeline for delivering the improvements” to the app’s users ASAP. As well, developers may have to update their insecure apps before they can push out any other app updates.
SOURCE: Android Developers Blog