Google’s Play Protect Android mobile threat protection system failed real tests by German AV-Test anti-virus testing laboratory, scoring zero on up to six points after very poor malware detection performance.
Google Play Protect’s built-in malware protection for Android was introduced three years ago during Google I / O 2017 in May 2017, with Google fully starting on all Android devices in July 2017.
Today, Google Play Protect is deployed on more than 2.5 billion active Android devices, as reported by the Android Security Center.
Something other than Google Play Protect
According to AV-Test results, Google Play Protect was able to detect just over a third of the approximately 6,700 malware samples used by the test lab throughout the tests, which means that more than 4,000 of them were able to infect the test devices.
Google Play Protect detected 37% of the 3,300 recently discovered samples – aged 2 to 24 hours or less – in the real-time test phase, and 33.1% in the benchmark test which used 3 300 malware samples circulating for up to 4 weeks.
As the screenshot below shows, the two results are the bottom of the rankings, with all other mobile antivirus security solutions having detection rates greater than 98% in both protection tests.
Google Play Protect has also encountered issues with false alarms, as it mistakenly identified around 30 harmless apps as a threat to test devices.
In fact, among all mobile security suites, Antiy, Bitdefender, Cheetah Mobile, NortonLifeLock, Trend Micro and Kaspersky have achieved a perfect detection rate of 100%.
“With Play Protect, Google promises protection against infected programs,” says AV-Test. “This is why the tool runs automatically on each new Android system, analyzing the available applications.”
“The current test, however, indicates that Android users should not rely solely on Play Protect,” added the test laboratory.
“Because Google Play Protect’s detection rates are really poor, using a good security app is highly recommended.”
The AV-Test comparison only evaluated Android security apps for consumers, with the lab to test enterprise security apps and publish the results in April 2020.
This is not the first time that Android’s built-in security app has failed the AV-Test exam since Google Play Protect is also at the bottom of the protection ranking far beyond other security tools mobile in October 2017, just after its release.
100 billion applications analyzed every day
According to Google, Play Protect scans more than 100 billion malware applications daily, up 50 billion from 2018 and provides Android users with information on potential security issues and the actions needed to ensure the security of their devices.
Last year, Google partnered with ESET, Lookout and Zimperium via the App Defense Alliance to improve the detection of malicious Android apps during submission and block those apps before releasing them to the Play Store.
The Defense Alliance App couldn’t have arrived sooner, as this malware has managed to infiltrate Google’s application ecosystem quite often despite the company’s efforts to stop it. (1, 2, 3)
Google has also improved the machine learning detection systems used by Google Play Protect to analyze Android application code, metadata, and user engagement signals to detect suspicious content and behavior.
BleepingComputer contacted Google for comment, but had no response at the time of this posting.
Discussion about this post