As online scams and scams continue to spread across India, Google has announced plans to make major changes in the country to help alleviate the problem. The plan is to block sideloading of certain apps, especially for users who try to download them directly from the internet. . The pilot, announced at the annual Google for India event on Thursday, is part of what is being described as “enhanced fraud protection” within Google Play Protect.
Sideloading, where users bypass the official Google Play app store to load apps onto Android smartphones, has long been a thorny issue for Google in the country, and the move comes as Google gradually tightens its policies on the practice. It shows that Not only in India but also in other parts of the world.
Last October, Google also introduced real-time scanning protection in India with the aim of curbing the sideloading of malicious apps. However, TechCrunch tested the feature on more than 30 malicious apps and found that while most were blocked, some predatory loan apps were able to evade protections.
Meanwhile, Google released enhanced fraud prevention features in Singapore in February. The company said the measures helped prevent the establishment of 900,000 high-risk facilities in the Southeast Asian country over six months.
To be clear, the pilot announced today during an event in India does not sound the death knell for all sideloading in the country. From what we understand, users will still be able to sideload offline apps and use third-party app stores.
What Google does is: If the installation of a particular app requires sensitive permissions, such as access to SMS, notifications, or accessibility features, Google may use your phone's web browser, messaging app (Android or otherwise) , to analyze and automatically block sideloading via file managers. . This is because these privileges often allow fraudsters to steal one-time passwords, financial credentials, and other sensitive data.
Enhanced Protection “inspects app-declared permissions in real time, intercepts one-time passwords via SMS and notifications, and intercepts on-screen content (RECEIVE_SMS, RECEIVE_SMS, READ_SMS, BIND_Notifications, Accessibility)” and Google says in a blog post.
After the pilot begins, Google said Play Protect will automatically block such installations with an explanation.
Image credit: Google
Google is focusing on these specific sideload scenarios, as over 95% of suspicious installations come from these sources, based on our analysis of the leading fraudulent malware families that exploit sensitive privileges. said.
Google did not immediately respond to inquiries about when and where the feature would be rolled out.
Google claims existing fraud prevention measures in India have saved more than $1.55 billion from financial fraud since last year and provided Indian users with 41 million warnings for fraudulent transactions on Google Pay. did. Play Protect's integration into Android devices has also helped identify 10 million malicious apps worldwide, the company added. But in the world's most populous country, scammers still find ways to game the system and attack gullible people.
Google is taking a multi-tiered approach to the issue of fraud through mobile apps in India.
Last year, the company announced a program in India called DigiKavach, which works with companies and industry associations in the financial sector to limit financial fraud. The company also partnered with the Indian Cyber Crime Coordination Center to deploy Google Pay on the Indian government's National Cyber Crime Reporting Portal to capture critical signals and assist in investigating illicit financial activities.
But the situation is dire. In 2022, TechCrunch reported on how predatory loan apps are causing suicide cases in India. Central banks and government agencies have introduced various measures to reduce the risk of people being targeted by these apps. Despite this, scammers still find loopholes in the system to attack their prey.
Alongside the Play Protect update, Google on Thursday announced the launch of a new Google Safety Engineering Center in India in 2025, which the company says will be “dedicated to building and advancing security and online safety products and solutions.” he claimed.
At the center, Google safety engineers collaborate with local policy experts, government partners, and academia to protect users from threats such as fraud and scams, strengthen enterprise and government security, and conduct cutting-edge research. Address the country's 'online safety challenges' with a focus on promoting. And development. ”