Google has announced a series of advanced security features in Android 15 designed to protect users from scams and malicious apps. One of the significant updates is the enhancement of the Play Integrity API, allowing developers to ensure their apps are safe from other apps that might capture the screen, create overlays, or control the device. This API also checks if Google Play Protect is active and if the user’s device is free of known malware before performing sensitive actions.
Additionally, Android 15 expands the restricted settings feature introduced in Android 13, now requiring user approval before enabling permissions for sideloaded apps from web browsers, messaging apps, and file managers. This move targets banking trojans that abuse accessibility services to perform overlay attacks and disable security mechanisms. Despite ongoing efforts by threat actors to bypass these safeguards, Google’s continuous improvements aim to stay ahead of malicious tactics.
Google is also piloting enhanced fraud protection in regions with high rates of internet-sideloaded malicious app installs, blocking apps that use permissions commonly abused for financial fraud. Moreover, Android 15 introduces cellular security alerts to notify users if their network connection is unencrypted or if a bogus cellular base station is detected. These features are being rolled out in collaboration with ecosystem partners.
Screen sharing controls are also being tightened, with Android 15 automatically hiding one-time passwords (OTPs) sent via SMS from notifications during screen sharing. This closes a common attack vector for fraud and spyware. To further bolster security, Google is enhancing Play Protect’s on-device AI with live threat detection, which analyzes behavioral signals and interactions with other apps to identify suspicious activities. This real-time scanning capability allows Google Play Protect to flag and disable malicious apps, providing robust protection against emerging threats.
