Google Expands Play Protect with Rescan and Quarantine Features to Enhance App Security

David Gomez

Jul-25-2024

Google Expands Play Protect with Rescan and Quarantine Features to Enhance App Security

Google appears to be working on additional functionality for Play Protect, its cloud-based app-verification service that defends users against malicious applications. Reports indicate that the tech giant is developing a 'Rescan' option for apps that have been previously marked as harmful, allowing these apps to be rescanned without being removed from the devices. This potential feature was reportedly identified during an APK teardown of the Google Play Store app on Android.

Android Authority, in collaboration with a tipster known as AssembleDebug, has suggested that Google might include a “Rescan” button after an app has been initially scanned by Play Protect. The feature was noticed during an APK teardown of the Google Play Store app version 41.9.17. However, it is still in the development phase and not accessible to users at this time.

Currently, when a user installs an app, Google Play Protect scans it for any potentially harmful behavior. If the app violates Google's Unwanted Software Policy, the user gets an alert along with an option to uninstall it. This new 'Rescan' option could provide users with the opportunity to rescind the app scan results, particularly if they believe the app has been mislabelled, before opting to remove it from their device.

With the upcoming Android 15, Google is reportedly introducing a new 'quarantine' functionality to the Play Store. This feature might allow system apps such as Google Play Services or the Play Store to isolate potentially harmful apps and impose restrictions on them.

Once an app is quarantined, its capabilities would be significantly restricted, preventing it from causing negative impacts on the user's device. The app wouldn't be able to display notifications and all its activities would be halted. This feature was reportedly spotted in an Android 15 beta update but has not yet been enabled. It appeared in the form of a "QUARANTINE_APPS" permission, which could be granted to apps signed by the same certificate as Google.

Follow: