Android 14 beefs up mobile malware protection — what you need to know

Google Pixel 7 Pro
(Image credit: Future)

Staying safe from malicious apps spreading malware is about to get a whole lot easier for Android smartphone users once the latest version of Google’s mobile operating system begins rolling out later this year.

Following this week's launch of the Android 14 Developer Preview 1, we now know a bit more about the new malware-blocking techniques coming to the best Android phones. By preventing malware from being installed on your smartphone in the first place, you will be much less likely to fall victim to fraud or even identity theft as the result of installing a bad app.

In a new blog post, Bitdefender points out that all apps will be required to clearly state how they plan to use your phone’s features once you upgrade to Android 14. This information will likely appear in an app’s listing page on the Google Play Store which will make it easier for Android users to make decisions about whether or not they want to install a new app.

At the same time, the way in which apps exchange data with other apps in Android 14 will be much more controlled than in previous versions of the operating system to prevent unauthorized access between the different apps installed on your smartphone.

Read-only mode for downloaded files

Another big change coming to Android 14 on the security front is that additional files downloaded by the apps on your smartphone can only be accessed in read-only mode. This means that no changes can occur without you giving an app permission to make them.

More specifically, all Android 14 apps that use Dynamic Code Loading (DCL) “must be marked as read-only” according to Google’s documentation. Likewise, Google is recommending that developers avoid dynamic loading code when possible as using it can increase the risk of an app having code injecting into it or an attacker tampering with an app’s code.

The software giant is also working to combat malicious apps that are designed with older API (Application Program Interface) levels in mind, as this is a trick attackers use to target Android smartphones running outdated systems that could have unpatched vulnerabilities. This change will impact users, too, as they won’t be able to install apps that haven’t been updated in a long time.

How to stay safe from malware on older versions of Android

A hand holding a phone securely logging in

(Image credit: Google)

If you’re not quite ready to upgrade to a new smartphone and your device is no longer receiving new Android updates, there are still a few steps you can take to stay safe from malicious apps spreading malware.

First off, you want to make sure that Google Play Protect is enabled on your devices as this pre-installed app from Google constantly scans both your existing and new apps for malware. For extra protection though, you may also want to install one of the best Android antivirus apps as well.

When it comes to installing new apps, you'll want to check their reviews and ratings in the Play Store first before looking for external reviews online. Video reviews are particularly useful as you can see exactly what an app does on your smartphone before installing it. However, you'll also want to avoid sideloading apps you’ve downloaded from the internet, as they could contain malware or other viruses.

Google is constantly working to make Android smartphones as secure as the best iPhones and these changes in Android 14 will likely give the operating system a leg up when it comes to preventing users from downloading malicious apps.

Android 14 is due out later this year, after a beta process that should run throughout the spring and summer.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.