The security features of Android 4.2

Posted by Shane McGlaun

Android 4.2 offers improved protection from rogue apps installed via third-party stores.

As the Android operating system grows in popularity,  viruses, Trojans, and other nefarious apps targeting the OS are on the rise. Fortunately, the recently unveiled Android 4.2 (still Jelly Bean) brings with it the launch of the new and more powerful security system integrated into the operating system.

The core component of the new Android 4.2 security suite is a real-time app scanning platform  designed to check running apps before any rogue software can install any malicious code.

Interestingly, the new security features in Android 4.2 appear to fit well with various security measures that Google implemented on the Play Store earlier this year. Indeed, the security on the Google Play Store resides on the server side and constantly analyzes uploaded apps.

On the device side, the new security features keep an eye on instaelled apps - offering a modicum of protection if you download software from somewhere other than the Play Store.

"We view security as a universal thing," Android VP of Engineering Hiroshi Lockheimer told ComputerWorld
"Assuming the user wants this additional insurance policy, we felt like we shouldn't exclude one source over another."

Essentially, the app scanning software  is an opt-in product, so you'll be prompted by a request to verify apps. If you click agree, the security platform will start running and checking out apps you install or run. If for some reason you change your mind at a later point and don't want the security service anymore, you can easily shut it off in the security section of the operating system menu.

So how does the security system work? When an app is loaded, the device sends information identifying the application to Google servers, which then analyze the data and compares it to a database of known apps.

"We have a catalog of 700,000 applications in the Play Store, and beyond that, we're always scanning stuff on the Web in terms of APKs that are appearing," Lockheimer says. "We have a pretty good understanding of the app ecosystem now, whether something's in the Play Store or not."

If the app is loaded from a third-party store is recognized by Google's servers, the installation continues without any issues. However, if the information matches an app known to be dangerous or harmful the system will prevent you from installing it. You'll also be notified if the app is questionable, but not outright dangerous. At that point, you can decide whether you want to continue the installation process.

"The server does all the hard work... The device sends only a signature of the APK so that the server can identify it rapidly,"  Lockheimer added.