Google Shares Android Security 2016 Year in Review

BY Evan Selleck

Published 22 Mar 2017

For the third year in a row, Google has shared many details regarding the state of security in the Android ecosystem.

The company starts with the basics, saying that it has a goal to protect over 1.4 billion Android users out there in the wild, and then breaks down what that actually means, starting with Potentially Harmful Apps (PHAs). Google notes that the safest place to install Android apps is straight from Google Play, and notes that in nearly every category measured by the company, threats dropped significantly:

  • Now 0.016 percent of installs, trojans dropped by 51.5 percent compared to 2015
  • Now 0.003 percent of installs, hostile downloaders dropped by 54.6 percent compared to 2015
  • Now 0.003 percent of installs, backdoors dropped by 30.5 percent compared to 2015
  • Now 0.0018 percent of installs, phishing apps dropped by 73.4 percent compared to 2015

Google also notes that it made noteworthy changes to security in Android Nougat, including improvements to overall encryption, new protects in the audio and video departments, and boosted security measures for enterprise users.

The company finally notes that it is focused on security moving forward, reiterating its goal for monthly security updates. It also revealed that over 735 million devices from over 200 manufacturers received security updates in 2016:

  • More than 735 million devices from 200+ manufacturers received a platform security update in 2016.
  • We released monthly Android security updates throughout the year for devices running Android 4.4.4 and up—that accounts for 86.3 percent of all active Android devices worldwide.
  • Our carrier and hardware partners helped expand deployment of these updates, releasing updates for over half of the top 50 devices worldwide in the last quarter of 2016.

One last noteworthy detail from the report: Google paid out nearly $1 million as part of its Android Security Rewards program, giving back to the people out there in the wild who find vulnerabilities in the Android platform.

[via Android Developers Blog]