Google yesterday (April 11) announced plans to increase security on its Android mobile operating system by continuously monitoring installed apps for malicious or otherwise problematic behavior. This update is an addition to Google's "Verify apps" feature, which already checks all apps for potentially harmful code before installing them on a device.
Why is this necessary? An app might start off perfectly benign but later receive updates that change its code, turning it into something other than what you installed. This is especially true if the app comes from somewhere other than the Google Play store.
The post-installation monitoring feature is being pushed out to all devices running Android Gingerbread 2.3 and later with Google Play installed. (Users will not have to wait for a carrier software update.) To disable the feature, you can simply turn off "Verify apps" in an Android device's security-settings menu, but doing so would also disable the device's ability to screen apps upon installation.
Android owners will be able to perform manual scans of installed apps, or schedule regular scans. If the scanner finds something problematic, users will see messages such as "Google recommends that you immediately uninstall this app" or "To protect you, Google uninstalled this app." These will look similar to the other messages that the "Verify apps" feature sends out when it encounters a problem.
"Verify apps" is part of the "service layer" of the Android operating system, which Google compares to a home alarm system. Adding constant on-device monitoring to its service layer brings the Android operating system a step closer to the security found on Apple's iOS platform, which blocks most installed apps from changing code after installation.
Google thinks most people won't need this new feature, as "potentially harmful applications are very rare," it said in a post on the Official Android blog. "But we do expect a small number of people to see warnings...as a result of this new capability."