Modernizing Authentication — What It Takes to Transform Secure Access
"The feature is an extension of the security technology Google introduced for the Play Store this past February," Raphael writes. "While that technology worked exclusively on the server side, analyzing apps that were uploaded to the Play Store, the new system works with your device and scans any apps you install from third-party sources (a process known as 'sideloading')."
"Android’s security system is opt-in. Users who download an app from a third-party source will be prompted the first time around to let Google check them for harmful behavior," writes SlashGear's Brittany Hillen. "The users can then opt-in by tapping 'Agree,' or dismiss it and take the risk. If you opt-out the first time around but change your mind later on, you can enable the feature in Security via Settings."
"Enabling the added security via settings adds a new step to the installation process: Google will sample a given app and compare it to a broad list of 'known applications' that combines Play's catalog with popular apps that may not be available in the store," writes The Verge's Chris Welch. "(Purchases made from Amazon's Appstore for Android fall into this category, for instance.) Most installations will proceed as normal, but in the rare event that Google detects a problem, it will prevent things from proceeding any further."
"In addition to identifying malicious apps before they’re installed -- or at least attempting to do so -- the system will also warn users when they’re about to send SMS messages to premium numbers, thus letting them to allow or cancel the text," writes Android Authority's Chris Smith. "Assuming malware apps do get installed on Android 4.2 devices, and assuming their monetization scheme involves quietly sending such costly texts to short numbers, the feature could save users spending money they don’t know they’re actually spending."