Going by official description, Google Play Protect scans your apps and devices in real time to detect and prevent harmful behavior. Based on the nature of harmful behavior detected, Google Play Protect may warn you about a potential breach or deactivate or remove the dangerous app. On some Android versions, Google Play Protect may reset app permissions to secure your private data. Overall, Google Play Protect is presented as the ultimate software to protect your private data.
However, it has often been seen that Google Play Protect has failed to identify malicious apps in a proactive manner. Every year, there are several apps that are removed from Google Play. In July 2022, around 50 apps were removed from Google Play. This is more of a reactive step, instead of a system that can detect malicious apps in a proactive manner. Removing apps at a later stage is damaging, as the app may have already compromised private data of thousands of users.
With such cases occurring every year, it makes us wonder why Google Play Protect has failed to do its job. Independent tests conducted by research firms show that other security platforms such as Avast, AVG, Bitdefender, f-Secure, G Data, Kaspersky, Norton and Trend Micro did a much better job in comparison to Google Play Protect. Here are some possible reasons, as to why Google Play Protect fails to proactively identify malicious apps.
No control on hardware – Unlike Apple that controls both hardware and software aspects of its devices, Google only supplies the OS to smartphone manufacturers. This can lead to security vulnerabilities that may be hard to detect in a proactive manner.
New kid on the block - As compared to other security software platforms that have been in existence for decades, Google Play Protect was launched in 2017. While it's true that Google can hire the best security experts, it may still take some time for Google Play Protect to achieve the same level of security as offered by private software platforms.
Installing 3rd party programs - Many users install software from unverified sources. These can themselves be carrying malware or can be used as a trojan horse for downloading malicious code. Google Play Protect may have limited control over these unverified apps, which may lead to various types of security issues.
Turning off Google Play Protect - While Google Play Protect is switched ON by default, there's an option to turn it OFF. In case of users that choose to turn OFF Google Play Protect, it can put their data to risk.
Too many apps and devices - There are around 3 million apps on Google Play and several thousands are added almost every day. Combine that with thousands of different types of smartphones, having different Android versions. Apparently, it's a massive task to be able to fix security vulnerabilities that may be present in each of these cases.
Reliance on automated systems - Due to huge number of apps and devices, Google relies on automated systems to detect harmful behavior. Private security firms use the same approach, but apparently, they are doing a much better job. Hackers are constantly looking for new security vulnerabilities that can be exploited. This makes the job tougher for Google Play Protect.