Google has formed an alliance with three cybersecurity firms to protect the Google Play Store from malicious Android apps.

Founding members of the ‘App Defense Alliance’ include ESET, Lookout and Zimperium. The partnership opens a direct, two-way channel with Google to catch malicious apps before they make it onto the Play Store. If a member has suspicions about an app they can send a request to Google to have the app analysed.

Google, via its Play Protect scanner, can also request a partner to scan an app to create “new app risk intelligence as apps are being queued to publish”.

Despite Google Play Protect’s routine scanning of over 500,000 apps, hundreds of malicious apps racking up hundreds of millions of installs still slip through the net.

Calling in reinforcements to catch these apps is a welcome move, drawing on the strengths of its founding members. Both Zimperium and Lookout are specialised in mobile protection while ESET has a strong track record identifying malicious apps in the Play Store.

App Defense Alliance: Reactive to proactive

“For years, Google has worked extensively with members of the cybersecurity community to protect both businesses and consumers online, and today’s news is the latest example of this collaboration,” said Dave Kleidenmacher, head of Android security and privacy at Google.

“Partnering with a respected member of the cybersecurity industry like ESET will enhance the protection of the Google Play ecosystem, and we look forward to seeing what our teams are able to accomplish together.”

Tony Anscombe, global security evangelist and industry ambassador, ESET, said:

“What was previously a reactive effort to catch security vulnerabilities is now a full-fledged and proactive campaign to protect billions of consumers and businesses at the source.

“ESET has constantly been at the forefront of threat research. Together with Google, ESET and the other App Defense Alliance members will be able to provide Google with the information to eliminate threats and help Android users stay one step ahead of cybercriminals.”


Read more: Google’s iOS exploit discovery should be a security “wake-up call” for iPhone users