Google issues fresh security guidance to defend against app vulnerabilities

News

Google's App Security Improvement (ASI) program has notified developers of 26 new potential security issues, from an insecure hostname verifier to vulnerable software development kits.

A new webpage gives developers links to articles where they can find instructions on how to resolve issues, contact support staff and keep track of longstanding problems.

The page also includes Google's best practices and security checklists, which the company said is aimed at improving security and tackling app-specific issues.

Since April 2016, when Google gave its last update on its app security measures, the Google Play App Security Improvement (ASI) program has led to more than 90,000 developers improved over 275,000 apps. Google had warned developers of 11 new security issues and provided them with the means of solving them.

Before an app is available on Google's Play store, Google scans it for safety and security threats. If it is deemed vulnerable, Google issues alerts via email and the Play Developer Console with links to details on how to improve it.

Google also rescans more than one million apps currently on the Play Store to ensure there are no further vulnerabilities.

In September, a report from Nokia warned that smartphones are a "critical" target for malware, accounting for 78 percent of all mobile network infections.

Android remains the most targeted operating system with 74 percent of all attacks directed its way.

It said ransomware, spyphone applications and SMS Trojans were among the most popular threats.