Google describes how Android 4.2’s app verification checks your downloads for malware

Google describes how Android 4.2’s app verification checks your downloads for malware

Google announced Android 4.2 (Jelly Bean) late last month, saw it leak earlier this month, and then launched it yesterday SDK and all. Today, the company’s Android team has detailed the mobile operating system’s app verification feature.

Here’s the announcement, titled “Expanding Google Play Security Protections,” via Google+ of course:

Keeping our users’ information safe and secure is a top priority. We automatically scan Google Play to block and remove harmful apps. Now, with Jelly Bean Android 4.2 devices that have Google Play installed have the option of using Google as an application verifier. We will check for potentially harmful applications no matter where you are installing them from. So, if you install applications from unknown sources like the web or a third party app store, this free service will provide you with another layer of security.

The Protect against harmful applications page has more. Essentially, app verification is an optional feature in the second Jelly Bean release that lets Google verify your apps in order to prevent malware and other harmful software from being installed on your device.

If you attempt to install an app from any source while app verification is turned on, your phone may send information identifying the app to Google, including: log information, URLs related to the app, and general information about the device, such as the Device ID, version of the operating system, IP address, and one or more cookies. Data is sent to Google assuming that you agree to allow this when asked in the dialog that appears prior to installing the first app from an unknown source.

As you can see in the two screenshots above, there are two possible scenarios here. If the app is harmful, Google may warn you not to install it. If it’s really malicious, Google may block the installation completely. App verification is turned on by default, but can be toggled as you like (Settings => Security => Verify apps).

I suggested Google will likely include something like this in Android 4.2 last month. I gave two points of proof for my prediction: a Google Play Store app update that included relevant security strings and icons, as well as the company’s recent acquisition of VirusTotal.

It would appear that the VirusTotal part has nothing to do with today’s reveal. VirusTotal has an Android app, version 1.0 of which was released in June 2012, with the following description:

VirusTotal checks your Android applications device against
VirusTotal for Android checks the applications installed in your Android phone against VirusTotal ( It will inform you about malware (virus, trojans, worms) on your phone and allows you to upload any unknown applications to VirusTotal. In other words, VirusTotal for Android will get your applications scanned by more than 40 antivirus, flagging any undesired content.
Please note that VirusTotal for Android does not provide real-time protection and, so, is no substitute for any antivirus product, just a second opinion regarding your apps.

I still think Google should work on getting this functionality integrated into Android, if it isn’t already. It would be a shame to see VirusTotal’s app go to waste.

Image credit: Philippe Ramakers

Read next: Israel announces military action on Twitter, setting new precedent for the service's ability to spread news