This week, Google unveiled a test feature meant to strengthen Android’s defenses against scams involving financial fraud.
The enhanced fraud protection feature of Google Play Protect prevents sideloaded apps that frequently request sensitive runtime permissions—a tactic used by scammers—from being installed. In order to examine the permissions, the app declared in real-time, the feature will analyze attempts to install apps from internet-sideloading sources, such as browsers, file managers, or messaging apps.
It will specifically look for four requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility. The internet behemoth claims that sideloading sources are the source of more than 95% of the fraud malware families that usually ask for these permissions.