Google launched the first Android phone in the US in 2008, and there are now 1.4 billion Android users around the world.
The total ecosystem is huge: 400 companies partner with 500 carriers to produce over 4,000 distinct phones, tablets, and TVs running Android.
When we founded Android, the idea was somewhat crazy — build an open standard for hardware makers. Android is open-sourced and provided for free on all hardware.
This makes it possible for hardware makers to build a wide variety of different devices (phones, tablets, and even watches) while simultaneously making it easier for developers to build one app that works across any of these different devices.
Having an open ecosystem and over a billion users means that we take security very seriously. From the very beginning, security has been baked into the heart of Android. For example:
Contents
Application Sandbox
All Android applications run in what we call an “Application Sandbox.” Just like the walls of a sandbox keep the sand from getting out, each application is housed within a virtual ‘sandbox’ to keep it from accessing anything outside itself. This means that even if a user were to accidentally install a piece of malware, it’s forbidden from accessing any other app on the device.
The latest security technology
Android devices use leading hardware and software security technologies such as encryption, application signing, system integrity checks, SELinux, ASLR, and TrustZone to protect user data and the device.
More control in Android M
Users are even more safe with the new permissions model in Android M by giving them more control over what apps are allowed to access. Apps trigger requests for permissions at the time they need to do something.
For example, if your photo posting app wants to access your photo roll, it has to ask you first. So if a flashlight app starts asking for access to your phone book, you can just say no.
Google Play
Google Play — our official marketplace for Android apps and games — is also an important part of Android security. Before applications become available in Google Play, they undergo an application security review process to confirm that they comply with Google Play policies, prohibiting potentially harmful applications. We suspend developer accounts and apps that violate our policies.
Third Party Verify Apps Feature
Since Android allows alternative app stores other than Google Play, our users often download apps from third-party app stores. In order to help make this third-party experience secure, we also have a feature called Verify Apps that warns the user or blocks potentially harmful apps, even if the app wasn’t from the Play Store.
It will check apps when you install them and periodically scans for potentially harmful apps to keep users safe. Over 1 billion devices are protected with Google Play which conducts 200 million security scans of devices per day.
The results of these efforts have made malware relatively rare on Android. Based on our research, fewer than one per cent of Android devices had a Potentially Harmful App (PHA) installed in 2014, and fewer than 0.15 per cent of devices that only install from Google Play had a PHA installed.
In future installments, we’ll talk more about how we work with the broader security community to protect Android users, and offer a few tips for you to protect your phone as well.
[Source:- Wired]
