Categories: Security

Are Secret Keys in Google Play Still an Issue for Users?

It’s much easier and faster for app developers to publish an app on Google Play than on competitor’s app stores, which is why the Play store remains a popular place for the latest apps. Because of this, though, some malicious apps can get through. Thousands of users may download a malicious app before Google is able to remove it from the Play store. To ensure that your device stays protected against malicious apps, you should scan your device for malware after downloading a new app. Use Full Virus Scan to check your phone and SD card for any hidden threats:

A few years ago, one of these security threats included the discovery of secret keys hidden in Android apps. This was a major issue in 2014, and it left many worried about the security of their online accounts and how safe their private information really was. In this instance, it was discovered that many apps stored secret keys (such as password and username data) in their app software, which left users’ data vulnerable. This user data could then be used to steal data from Facebook or Amazon, among other websites. The Airbnb app, for example, left users’ private information exposed, which then revealed connected services such as Google, Yahoo, or LinkedIn.

Read More: How to Change Your Default Apps on Android

Back then, Android app developers didn’t have to submit their app for review before publishing their app on Google Play. Now, app developers must have Google approve their app before it can be published. This helps to cut down on malicious and unsafe apps in the Play store — yet that doesn’t mean that the Play store is 100% secure. Hidden malware, such as the Judy malware, is being discovered all the time.

App developers have been strongly advised over the years against storing secret keys in apps because of the security risks involved to themselves and their users. Thus, this issue should no longer be a concern when using major apps downloaded from the Play store. Google has made many efforts over the years to direct developers to remove secret keys from their software. Android also has a Keystore system for developers to use to make their apps more secure for their users. This helps to prevent unauthorized individuals from accessing key data.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Vulnerabilities in Cyber Security: what they are and how to fix them?

Learn all about one of the hackers' favorite breach method and keep your company safe…

1 year ago

3 ways to recover deleted photos on Android

Have you ever wondered how to recover deleted photos on Android? After all, the lack…

1 year ago

What is worm?

Digital worms are among the most serious threats in the wild kingdom of the Internet.

2 years ago

Spoofing: What’s it all about?

Spoofing is a fairly sophisticated virtual scam that can fool even the most cautious and…

2 years ago

Careful With That QR Code! Five Steps For QR Code Safety

Five Steps to Reduce QR Code Risk! Step one? Read this article…

2 years ago

Pharming: Phishing’s Nasty Big Brother

Pharming is creating a new, dangerous brand of impostor syndrome. Check how to avoid pharming…

2 years ago