Google introduced a new service, codename “Bouncer” that verifies all Android apps available in the Android market, by detecting infections with malware, spyware, trojans, but also suspicious activity that can indicate the presence of other problems.
Each application is being tested on Google servers to simulate the behavior on Android devices. The new verification system applies to both new apps added to the Android Market as well as old apps to prevent situations in which the update of a application might contain malware.
Detecting a suspicious activity or malware code, after the simulations in Google Cloud, leads to the manual verification of an application by a Google employee. Adding a malware application to the Android Market is blocked automatically if a infection is detected or after the manual verification if the alert was caused by internal simulations.
Another protection method is analyzing user accounts and excluding those that are not trustworthy.
Unlike Apple, who verifies each iPhone applications because it is listed in the iTunes Marketplace, Google does not verify apps before they are listed. Apps are verified at a later time.
The “Bouncer” service is now being tested and it has been here for multiple months, enough to have an impact on the number of infected Android apps in the Android Market, as in the first and second half of 2011 malware apps in Android Market decreased by 40%.