An update to Google’s Play Protect has been released, and the company has revealed that it will now offer real-time scanning at the code level. This will allow Google to combat newly discovered harmful apps before users download and install them on Android devices.

“Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats,” according to the technology company.

Google Play Protect serves as a built-in, no-cost threat detection service, diligently scanning Android devices for potentially harmful applications sourced from the Play Store or external sources. This service, developed by Google, is readily available to all Android users. In exceptional cases, it may even prevent the installation of such apps, adding an extra layer of security.

[FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing

The newly introduced real-time code-level scanning represents a noteworthy expansion of the pre-existing security measures. Before this update, users were alerted when attempting to install apps with a known harmful history based on scanning intelligence or when an app raised suspicions through on-device machine learning algorithms. This latest enhancement with real-time scanning further solidifies Android’s defence against emerging threats.

Google Play Protect

Key signals extracted from the application are subjected to the latest and most robust security measures. These signals are subsequently relayed to the Play Protect backend infrastructure for a real-time comprehensive code-level assessment. This meticulous review process aids in determining the safety of the app, allowing users to make informed decisions about whether to proceed with the installation or exercise caution due to potential hazards.

“This enhancement will help better protect users against malicious polymorphic apps that leverage various methods, such as AI, to be altered to avoid detection,” Google said, adding that the functionality is being pushed out in certain countries, starting with India.

This security upgrade arrives at a critical juncture as threat actors persistently seek new avenues to disseminate Android malware. They frequently employ tactics like sharing deceptive links or distributing APK files through messaging applications, underscoring the importance of robust security measures.

Moreover, this update coincides with recent changes to the Android Security Paper. The Android Security Paper offers a comprehensive insight into the platform’s multifaceted, proactive security measures, encompassing aspects like hardware security, anti-exploitation techniques, Google Security Services, and a suite of management APIs catering to the needs of both businesses and governmental organizations.


Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.


About Rhyno Cybersecurity Services

Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.

Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.

This website uses cookies to improve your online experience. By continuing, we will assume that you are agreeing to our use of cookies. For more information, visit our Cookie Policy.

Privacy Preference Center