14 DAY TRIAL // Google has just released its annual Android security report, and according to the company's internal audit for 2015, the countermeasures the company took last year to fight malware and Android vulnerabilities had a positive impact on the whole ecosystem.
Android has been under a lot of criticism in the past few years, but looking back and reading through Google's report, we see that the company took a lot of measures to combat mobile malware, fix security flaws, and right Android's image.
Mobile malware numbers went down
Google say that, during the past year, its security systems scanned over six billion apps on a daily basis looking for malware, protected over 400 million devices each day from on-device and network-based attacks, and Chrome's Safe Browsing for Android blocked hundreds of millions of malicious sites per day.
The possibility of installing a PHA (Potentially Harmful Application) from Google's Play store went down 40 percent. Google reports that 0.08 percent of all app installs contained data collection malware (down 40 percent from 2014), 0.02 percent of installs hid spyware (down 60 percent), and 0.01 percent of all app installs came with a hostile (malware) downloader (down 50 percent).
Overall, Google explains that only 0.15 percent of all Play Store app installs in 2015 contained malicious code while the percentage is 0.5 percent for users who installed apps from both the Play Store and other third-party sources.
Google addressed its "vulnerabilities" problem
Probably the biggest issue of last year regarding Android security was the Stagefright vulnerability and the OS update process.
What few people know or remember is that Google decided last June to include Android in its Vulnerability Rewards Program (VRP), the company's self-managed bug bounty system.
The large numbers of bugs this program helped fix and the media pushback from the infamous Stagefright bug led Google to launch its monthly Nexus Security Bulletin, an update train for the Android OS, made available to all OEMs.
While OEMs are still seriously lagging behind when it comes to the update process, for its part of the deal, Google has provided these companies with all the tools they needed to make sure Android devices are kept up to date and safe from any developing threats.
Along with the launch of Android 6.0 Marshmallow, which included a lot of security features, such as full-disk encryption and updated app permissions, we conclude that Google did more than alright when it came to Android's security during 2015.
For more details, check out Google's 49-page Android Security 2015 Year In Review report.
