Google is officially rolling out its security certification standard for Android devices and apps in India. The certification which goes by the name “Play Protect” was initially launched in May this year. The certification is provided as a seal of guarantee to manufacturers and developers on box sets and mobile apps. For this, the company claims to work with various manufacturers globally, and run “hundreds of compatibility tests” to ensure devices comply with Android security and permissions architecture.

Note that Google’s feature is being rolled out in India at a time when privacy issue has taken centre stage in India. The Indian government said that it will soon introduce standalone security standards for mobile phones and related services. The Ministry of Electronics and IT (Meity) also directed more than 20 handset makers to submit details about security architecture and standards that they follow for storing customer data. TRAI also has an ongoing public consultation on data protection, while the Supreme Court recently upheld privacy as a fundamental right. The ruling has some effect on device manufacturers and developers. We have explained it here.

Speaking to MediaNama, a Google India spokesperson said that Play Protect is not a new service and was not launched in India because of any standing instructions from the Indian government. “This (Play Protect) is being rolled out in many regions alongside India and neighbouring countries like Indonesia. This has been happening since the last month in fact, and was launched in India just last week,” the spokesperson added. Several Original Equipment Manufacturers (OEMs), handset companies and telecom operators globally have received the “Play Protect” seal. A list of this is here. Micromax, Yureka (YU), Jio-owned LYF, XOLO, Telenor and Vodafone were the Indian brands to receive the certification, according to Google’s website.

What the ‘Play Protect’ tests and scans ensure users

  • Authenticity of preloaded apps: Compatibility tests verify that the Google apps pre-installed on devices (like smartphones, tablets, etc.) are authentic, and that apps downloaded from the Play Store work as intended. For e.g. smartphone makers who choose Android OS have the option to pre-load different Google apps like Gmail, YouTube, Duo, Allo, etc. onto their models by default. But the device itself needs to be leak-proof at a hardware level and other vulnerabilities need to be singled out. So Google claims that its “Android team” ensures this via compatibility tests.
  • Protection against data leaks malwares and theft: Android permissions and other security architecture receive timely updates from Google. Play Protect certified devices are screened to weed out “pre-installed malware” and include Google Play Protect—a suite of security features like automatic virus scanning and Find My Device. If a user misplaces or loses his/her phone, then using Play Protect users can lock the phone remotely or display a message on the lock screen, and even erase all data remotely.
  • Helps identify intrusive/fake apps and sites: From Google’s side, Play Protect claims to scan billions of apps on Play Store to looks for fake apps and suspend apps that violate user privacy. A certified app will have the ‘Play Protect’ seal under the description of the app on Play Store. Additionally, while using Google Chrome on mobile, websites that aren’t secure (with HTTPS, etc.) will be flagged to the user while browsing in real-time.