This episode of Android Bytes, we're talking about mobile app security. Android has a lot of robust, built-in mechanisms that protect against exploits and security vulnerabilities, but there's only so much it can do to protect against misuse of sensitive permissions and APIs. Google augments Android's protection mechanisms with Play Protect, a service that looks out for potentially harmful applications.

Brian Reed, Chief Mobility Officer from NowSecure, joins us on the show to explain how Android and Google Play Protect work together to secure your device.

• 2:05 - How does Android's app security model work at a platform level?
• 3:27 - What does NowSecure do?
• 4:16 - How does Android sandbox apps?
• 5:30 - How does Android's security model compare to other platforms?
• 7:24 - How does sideloading affect Android security?
• 13:28 - How is Google Play Protect distributed to GMS Android devices?
• 14:17 - What is the App Defense Alliance (ADA)? What is static and dynamic analysis?
• 17:12 - What are the reverse engineering/disassembly tools security firms use to analyze Android apps?
• 18:55 - Why is dynamic analysis important?
• 24:05 - What is a potentially harmful application (PHA)?
• 25:32 - What is a mobile bundled application (MHA)? Are there any security risks?
• 27:42 - What can developers do to protect their Android apps from hackers?

Additional links mentioned in the show:

• nowsecure.com/masa (Get your Mobile Application Security Assessment)
• academy.nowsecure.com (Learn about mobile app security)
• owasp.org (Open Web Application Security Project)

About the Podcast

Android Bytes (powered by Esper)

A weekly show that dives deep into the Android OS

Android Bytes (powered by Esper) is the podcast that dives deep into the engineering and business decisions behind the world’s most popular OS. 

Android powers over 3 billion devices worldwide and is the platform of choice for over a thousand companies. You’ll find Android on smartphones, tablets, watches, TV, cars, kiosks, and so much more. How does Google architect Android to run on so many form factors, and how do companies fork AOSP to make it run on even more devices? These are the kinds of questions the Android Bytes podcast considers each week.

Join cohosts Mishaal Rahman and David Ruddock, two journalists with extensive knowledge covering the Android OS platform and ecosystem, as they speak to system architects, kernel engineers, app developers, and other distinguished experts in the Android space.

Get in touch with us at Esper if you’re looking to use Android device management for GMS or non-GMS devices — we have the experience you need.

Our music is “19” by HOME and is licensed under CC BY 3.0.