Half Of Android Devices Still Running Without Security Updates, Google Reports
Google's Android Security team has just come up with a report on the OS's performance for the year 2016. The report marks points such as better performance in malicious apps detection and enhanced association with Google partners regarding monthly patches rollout. Also, Google also opened up about its imminent plans for security updates.
The major target that Google set for the security department last year was the detection and removal of malicious apps. It followed a plan to detect these apps by improving the tracking system. The company achieved the target, in the report, it states that its Verify Apps service administered 750 million day-to-day checks, which is a considerable jump in numbers from 450 million daily checks in 2015.
Inside the Play Store, the number of malicious app downloads dropped to 0.05 percent devices, a drop of 0.15 percent from 2015.
In the report, the team wrote:
Google Play continues to be the safest place for Android users to download their apps. Installs of PHAs from Google Play decreased in nearly every category:
- Now 0.016 percent of installs, trojans dropped by 51.5 percent compared to 2015
- Now 0.003 percent of installs, hostile downloaders dropped by 54.6 percent compared to 2015
- Now 0.003 percent of installs, backdoors dropped by 30.5 percent compared to 2015
- Now 0.0018 percent of installs, phishing apps dropped by 73.4 percent compared to 2015
In the year 2016, Google marks that its monthly security updates program witnessed an expansion. 735 million Android devices got the security updates, spread through 200 manufacturers. The reports also state that around half of Android devices failed to get the update.
For the year 2017, the tech giant is planning to streamline the security update program to make it more available for the manufacturers. It is worth mentioning that Google is also looking to reduce the timeline from monthly to weekly. The company also notes that with the increasing use of machine learning technology and automation, there could be a "significant" reduction in the PHA rates on Play Store and third-party download destinations as well.
In the blog post, Google also talked about the growing contribution of researchers to identify and curb the problems, it says:
On the research side, our Android Security Rewards program grew rapidly: we paid researchers nearly $1 million dollars for their reports in 2016. In parallel, we worked closely with various security firms to identify and quickly fix issues that may have posed risks to our users.
Going by the report, it seems that Google is working on improving the security update cycle. However, the fact that half of Android devices did not get the security patch should be a point of concern from Google and OEMs too.