Google has proudly reported that it once again banned a number of malicious or misleading apps from the Play Store last year. But they’re still a long way away from providing a quality defense against malware. The search for the right app in the Play Store is still a matter of intensive research and having the right information. In this article we’ll try to define some basic principles that should help guide you along in your app research.
The Play Store has become an ugly place. It was once considered a place where you could find answers. Does your phone need a new feature? Okay, just go to the Play Store, try out some apps and you’ll be able to solve the initial problem. Now it’s not so easy. Crooks can falsify positive ratings, buy themselves a high ranking and sometimes copy other apps that are actually good.
As the operator of the Play Store, Google for the most part still relies on purely atuomated forms of quality assurance. Algorithms analyze new apps and updates of known code fragments or behavioral patterns, much like a virus scanner does in Windows computers. If an automatic alarm is signaled, the app will likely be sent back to the developer.
The system ensures that 99 percent of all malicious apps don’t reach users via the Play Store, or that’s at least what Google states in its latest blog post. The algorithms have become a bit smarter thanks to machine learning. At this point, the algorithms are able to detect fake identities, inappropriate content and new types of malware.
Creators of malware are better organized
In 2017 examples such as SonicSpy showed that malware creators and networksare literally bombarding the Play Store with malware. Google now wants to address these interrelationships. The report goes on to say that Google recognizes “repeat offenders and abusive developer networks” and has already banned 100,000, which has made it more complicated to create a new developer account.
But how do I recognize bad apps?
Flashlight apps are obsolete
Certain apps and games are particularly vulnerable to abuse. Flashlight apps in particular have benefited from users’ careless habits. Usually users are informed of the app’s permissions before installation, although since 2015 they are sometimes only informed once they’ve started using it. A few months ago there were a large number of flashlight apps that also wanted to be able to send an SMS. Enough users accepted this obviously fraudulent permission and got caught in a trap. The flashlight app could then send premium SMS messages and earn money for the app developers.
Certain app categories are particularly susceptible to fraud.
At the same time, most flashlight apps actually only have camera permission. This makes sense because the LED connected to the camera is controlled via the camera permission. However, not all users know that a flashlight app has already been given to them. It’s probably already in your smartphone’s Quick Settings. Just pull your finger down from the top of the screen and look for the small flashlight silhouette.
The flashlight is already integrated in the Quick Settings of most Android smartphones, which makes these apps unnecessary.
If you install a flashlight app anyway, it will probably interrupt its actual function with several commercial breaks. Advertising in apps is tolerable to a certain extent, but the added value that the app provides must be commensurate with the number of advertising interruptions. With such a superfluous app, there is no reason to tolerate advertising.
Booster and cleaner apps are inherently useless
If your memory is full, your phone is slow or the Wi-Fi isn’t good enough, there are well established solutions to your problems. The Play Store won’t provide any answers. We have an article on each of these topics, as they’re among the most common problems with smartphones. Other media have also written very good reports on this.
App creators, however, have found successful ways to profit by creating completely useless and sometimes harmful apps in the Play Store.
Have you ever downloaded a battery and charged your phone? DU apps claim they can do it.
Optimization apps are making a profit out of your desperation. Whatever they say works must be able to help your battery. Cheetah Mobile was able to record several hundred million downloads doing this, and the boss of the company has twice stated outright that the app is no good.
The reason is that apps can’t work miracles. Android has a so-called sandboxing principle. Each app works in its own capsule and must not interfere with the system in any way that could prolong battery life. In this respect, we have already been provided the optimizations by Android and the smartphone manufacturer.
However, poor performance is often due to the fact that an app consumes a lot of energy. If this is the case, you should identify the app and just uninstall it. You can probably find a more economical alternative to it, which leads us to the next problem….
Copies and counterfeits pretend to be alternatives
While looking for popular games like Solitaire, Tetris or Bubble Poppers I recently noticed it again: it is practically impossible to search for apps with the Play Store’s search tools, because…
- You can’t hide apps with advertisements or in-app purchases.
- The average score is worthless because it can be generated in click farms.
- It is rarely explained why the app requires certain permissions.
- You never know whether in-app purchases are a one-time thing or recurring as well as what they’ll provide you.
And even worse, the apps rarely offer what you expect. Most Bubble Poppers end up being just a loot box system with pointless in-app purchases.
In the Bubble Witch 3 Saga the virtual witch’s cottage will cost you extra.
Most games are good for the first few minutes. With some luck they’ll be easy to play for a few hours. And then suddenly they’re asking for cash. If they stuck with a one-time in-app purchase that would unlock all the remaining levels like in Super Mario Run and then never asked for money again, everything would be fine. But a lot of games drive you into virtual bankruptcy, which could cost you a lot of money in real life.
The fact that Google remains neutral about this can be demonstrated in the Google Play Awards 2017, where several titles included in the top list of the year display high predatory economic models.
And what makes a good app?
A reasonable app will explain to you at the beginning if you have to pay for anything. Google has placed small references to ‘In-app purchases’ right next to the download button. In the app descriptions below you can see an app’s price range.
Unfortunately, Google doesn’t list you what you can actually buy as an in-app purchase.
There are issues with both permissions as well as advertising. The developer should ideally justify the necessary permissions in the description of the app (like in Threema, for example). They have to be explained in accordance with the app’s functions. A flashlight shouldn’t need to send SMS messages and a Bubble Popper shouldn’t need access to your camera or microphone, let alone your contact list.
Google should more precisely identify ads: are they just small banners on the edge or are they full-screen ads? Are there videos or just static content? In the worst case, the advertisements steal the screen for several seconds or cause you to accidentally press on them and waste precious data. Does the app actively encourage you to press on ads to get bonuses? Don’t let them exploit you!
Conclusion: App research is about having the right information
The list of things to consider hasn’t become any shorter in recent years. App creators with deviant motives to make profits are becoming smarter at the same rate as Google’s anti-malware team. So the user still has to be incredibly careful with banal things like finding the right Solitaire app for Android until things improve.
What’s your story? Have you ever fallen into a bad advertising trap? What do you pay attention to when searching for new apps? Or have you given up completely and only install apps that you already know?