Earlier this year, Google's Play store for Android apps was described as a "chaotic cesspool" by rival mobile OS purveyor BlackBerry.
Harsh words -- yet words that seem to have found their way to Mountain View because Google is tightening the screw on rogue developers in a bid to clean up the malware-harbouring streets of its Play store.
As of June this year, security company Trend Micro reported that it had collected more than 25,000 samples of Android malware -- double what it had expected to dredge up in its malware catching nets.
According to Trend Micro, the most common types of dodgy Android apps it nabbed were premium-rate service abusers, adware and data stealers. Meanwhile, just last month an Android Trojan infected 100,000 users in China, and spammers managed to create an Android botnet to fire off their missives on the sly.
Google has decided tougher action is called for to combat the Android malware scourge. Specifically, it's cracking the whip over developers by tightening the rules for Play store apps.
According to a post on the Android Central blog, Google has emailed all Play store developers, informing them of the new policies -- and warning them they have 30 days to comply or face having infringing apps unceremoniously pulled from Play. Any new apps or app updates must comply straight away.
The new Play developer policy gives more details of the kind of apps Google is seeking to banish from Play. For example, the policy notes: "We don't allow unauthorized publishing or disclosure of people's private and confidential information, such as credit card numbers, Social Security numbers, driver's and other license numbers, or any other information that is not publicly accessible."
Google is also redoubling its efforts to combat spamming and keyword stuffing, writing: "Product descriptions should not be misleading or loaded with keywords in an attempt to manipulate ranking or relevancy in the Store's search results."
Another anti-spam section reads: "Do not send SMS, email, or other messages on behalf of the user without providing the user with the ability to confirm content and intended recipient."
Google is clamping down on the use of app names or icons that are confusingly similar to existing Android system apps -- again seeking to nix apps that are wilfully misleading Android users.
In a section entitled 'Impersonation or Deceptive Behavior', the policy reads: "Don't pretend to be someone else, and don't represent that your app is authorized by or produced by another company or organization if that is not the case. Products or the ads they contain also must not mimic functionality or warnings from the operating system or other applications. Developers must not divert users or provide links to any other site that mimics or passes itself off as another application or service."
"Apps must not have names or icons that appear confusingly similar to existing products, or to apps supplied with the device (such as Camera, Gallery or Messaging)," it adds.
The new policy includes a section tightening up ad behaviour in apps, which includes the following strictures: "Ads must not make changes to the functioning of the user's device outside the ad by doing things such as installing shortcuts, bookmarks or icons or changing default settings without the user's knowledge and consent. If an ad makes such changes it must be clear to the user which app has made the change and the user must be able to reverse the change easily, by either adjusting the settings on the device, advertising preferences in the app, or uninstalling the app altogether. Ads must not simulate or impersonate system notifications or warnings."
The ad section also prohibits forcing ad clicks or requiring an app user to submit info just to use the app.
Are you an Android owner who's worried about dodgy apps? Do you exercise restraint when browsing Play and avoid downloading dubious-sounding apps -- or do you click first, worry later? Let me know your thoughts in the comments below or chat over on our Facebook page.
Android App 
RSS Feeds 
iPhone App 
Newsletters 
Comments 12
Add your comment
anonymous 3 August, 2012 12:06
The NEW Goggle policy says this :
"We don't allow unauthorized publishing or disclosure of people's private and confidential information, such as credit card numbers"
What was their previous policy..?? .' come on in, help yourselves , we just wanna out sell iTunes Ap store '
bizmobile 3 August, 2012 12:27
it amazes that they don't check whats being published in their store. The amount of dogdy apps puts me buying an android device.
@bizmobile
shauney3 3 August, 2012 12:30
Great news. Not a walled off Garden but a bit of order. Looks like they are getting the balance just right...
anonymous 3 August, 2012 13:22
"We don't allow unauthorized publishing or disclosure of people's private and confidential information ..."
I don't read any restrictions there on *harvesting* such information though :-(
damien2501 3 August, 2012 14:36
Ah so Apple were right in the first place restricting dodgy apps. Google just finding that out
Ruffus Stone 3 August, 2012 15:44
Wasn't it at this years CES or somesuch Tech gig, that a Google executive let slip that they regret not making Android a walled garden from the beginning? That message was quickly stamped on IIRC.
Not only was it a mistake to go "open" from a quality and security viewpoint, they've lost out in hundreds, if not billions of $$ from being restricted to just selling licences.
Google Play is an attempt to claw back some of that lost revenue.
anonymous 4 August, 2012 02:46
'bizmobile
it amazes that they don't check whats being published in their store. The amount of dogdy apps puts me buying an android device.'
There is a reason for the free ability to develop android apps without having to pay for the deployment....
anonymous 4 August, 2012 06:03
I have got an android smartphone and i'm downloading apps from google play? Do I hve to pay anything to download applications from it? for example: to download one india app from google play it will be charged....?
anonymous 5 August, 2012 14:07
Crazy idea here, do due diligence on what you download. Download apps from trusted developers, read reviews, do research on tech sites. It's not that difficult. People just expect these companies to hold their hands and take responsibility for people's inability to just look after themselves and their tech.
Not sure what the basis is for suggesting Google don't check what is published? What exactly is Bouncer then? And am I wrong in thinking that Apple have also had problems with dodgy apps. No system is perfect. The only way to be safe is to inform yourself and take responsibility for yourself.
Also, CNet still talking about the Android 'botnet' but still not reporting what both Google and Lookout said on the matter, which is really poor.
And another thing, it's not difficult or expensive to get a good security app on your Android device.
Honestly, people just need to think a bit more and not expect someone else to do all the hard work all the time.
Ruffus Stone 6 August, 2012 00:01
@anonymous 5 August, 2012 14:07
".....And am I wrong in thinking that Apple have also had problems with dodgy apps....."
They've had a small handful, that have been stopped and deleted.
Kind of insignificant compared to over 25,000 detected so far on an unregulated free for all platform, with no attempt to stop it until now.
The problems are that Google Play isn't the only source of Apps for the Android OS and that it's open season for the nasty people to exploit these weaknesses.
anonymous 6 August, 2012 10:29
What about Jail broken iphones?
How can you say Google haven't made an attempt, what is Bouncer?
And my point on iOS is that even with tighter control dodgy apps still get through.
Do you not agree that common sense, taking responsibility for one's self and due diligence would solve 95% of this problem?
There's also no excuse when there are a range of FREE security apps that will automatically scan downloaded apps before installing.
anonymous 9 August, 2012 00:43
Google should vet every app that developers put up on Play to ensure that the apps aren't stealing data or doing anything else untoward, just like Apple does.