Google has announced a security update to its Google Play Protect service. The company will introduce live threat detection with real-time alerts for Android users.
The threat detection feature continuously monitors devices for malware and unsafe applications but will be focused at first. The initial rollout targets stalkerware, software designed to collect personal data without user consent, with plans to expand detection to other harmful app categories. Live threat detection analyzes app behavior in real time, examining how apps use sensitive permissions and interact with other apps and services on the device.
This active monitoring lets Google Play Protect identify potentially harmful apps that may attempt to conceal malicious behavior or remain inactive for a period before engaging in suspicious activity. The real-time alerts tell users immediately if a harmful app or scam call is detected and let them take action to protect their data and devices.
While traditional app scanning focuses on identifying known malicious code signatures, the new live threat detection takes things much further. This approach lets the service find apps with malicious intent that might not yet be flagged in traditional databases but exhibit suspicious behavior patterns. By focusing on real-time activity, Google can identify and neutralize threats more effectively, but a big question comes with privacy.
Google uses its Private Compute Core technology to process threat detection locally on the device. This makes sure user data stays on the device and is not sent to Google servers. So it’s like the user’s device is doing the work, not an outside server. This makes it a lot better in terms of privacy for the user, but Google will likely send some data to its servers if it keeps a record of the apps that need flagging.
Live threat detection is initially available on Pixel 6 and later devices. However, Google plans to expand the availability to devices from other manufacturers in the coming months.
Source: Google