Google admits it can't fight Android malware by itself

One phone with skull and crossbones on screen among several other clean-looking phones.
(Image credit: Marcos_Silva/Shutterstock)

As the old saying go, the first step toward solving a problem is admitting you have a problem. 

So we'd like to congratulate Google for admitting that Google Play Protect, the antivirus software built into today's Android devices, does a pretty awful job of protecting against malware. We're also happy that Google is asking for help.

Google doesn't spin it quite that way, of course. Today (Nov. 6), it announced the App Defense Alliance, defined as "a collaboration between Google, ESET, Lookout and Zimperium ... created to ensure the safety of the Google Play Store" and "stop bad apps before they reach users' devices."

But weren't Google Play Protect and its server-side counterpart, Bouncer, supposed to do that? Yup — and they failed. 

Google Play Protect can barely protect you on its own

Every month, dozens of malicious apps bypass Bouncer and wind up in the Google Play Store. Google Play Protect itself detected barely more than half of malware samples on Android devices in German lab AV-Test's most recent evaluations

Every single other app stopped at least 99.6%. In our own roundup of the best Android antivirus apps, our verdict on Google Play Protect is "Please use something else."

So this development is excellent news. ESET, Lookout and Zimperium "can send a request to the Google Play Protect scanner service to have an app analyzed," Google says in its blog posting. 

More significantly, the data flows the other way, so Google will be able to augment Google Play Protect with the other firms' scanners.

AV-Test found that ESET Endpoint Security, the enterprise variant of ESET Mobile Security & Antivirus, detected 99.7% of "real-time" Android malware and 100% of Android malware samples collected over the previous few weeks. 

That should greatly improve Google Play Protect's batting average. (We don't have recent test results for Lookout or Zimperium, but we do give Lookout Security & Antivirus 3 out of 5 stars.)

You scratch my back, I'll scratch yours

What do the other firms get out of this arrangement with Google? Lookout's own blog posting states that "with this new partnership, Lookout can stop malicious apps before they become a threat by scanning apps submitted to the Google Play Store before they are available for users to download."

Right now, not many third-party Android antivirus apps have that ability. The only one we know of is Norton Mobile Security with its App Advisor, which we've singled out as a killer feature. Gaining this ability helps ESET, Lookout and Zimperium catch up — and the App Defense Alliance lets Google Play Protect catch up with the rest of the crowd.

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.