Google cracking down on dodgy Android apps

Earlier this year, Google's Play store for Android apps was described as a "chaotic cesspool" by rival mobile OS purveyor BlackBerry.

Harsh words -- yet words that seem to have found their way to Mountain View because Google is tightening the screw on rogue developers in a bid to clean up the malware-harbouring streets of its Play store.

As of June this year, security company Trend Micro reported that it had collected more than 25,000 samples of Android malware -- double what it had expected to dredge up in its malware catching nets.

According to Trend Micro, the most common types of dodgy Android apps it nabbed were premium-rate service abusers, adware and data stealers. Meanwhile, just last month an Android Trojan infected 100,000 users in China, and spammers managed to create an Android botnet to fire off their missives on the sly.

Google has decided tougher action is called for to combat the Android malware scourge. Specifically, it's cracking the whip over developers by tightening the rules for Play store apps.

According to a post on the Android Central blog, Google has emailed all Play store developers, informing them of the new policies -- and warning them they have 30 days to comply or face having infringing apps unceremoniously pulled from Play. Any new apps or app updates must comply straight away.

The new Play developer policy gives more details of the kind of apps Google is seeking to banish from Play. For example, the policy notes: "We don't allow unauthorized publishing or disclosure of people's private and confidential information, such as credit card numbers, Social Security numbers, driver's and other license numbers, or any other information that is not publicly accessible."

Google is also redoubling its efforts to combat spamming and keyword stuffing, writing: "Product descriptions should not be misleading or loaded with keywords in an attempt to manipulate ranking or relevancy in the Store's search results."

Another anti-spam section reads: "Do not send SMS, email, or other messages on behalf of the user without providing the user with the ability to confirm content and intended recipient."

Google is clamping down on the use of app names or icons that are confusingly similar to existing Android system apps -- again seeking to nix apps that are wilfully misleading Android users.

In a section entitled 'Impersonation or Deceptive Behavior', the policy reads: "Don't pretend to be someone else, and don't represent that your app is authorized by or produced by another company or organization if that is not the case. Products or the ads they contain also must not mimic functionality or warnings from the operating system or other applications. Developers must not divert users or provide links to any other site that mimics or passes itself off as another application or service."

"Apps must not have names or icons that appear confusingly similar to existing products, or to apps supplied with the device (such as Camera, Gallery or Messaging)," it adds.

The new policy includes a section tightening up ad behaviour in apps, which includes the following strictures: "Ads must not make changes to the functioning of the user's device outside the ad by doing things such as installing shortcuts, bookmarks or icons or changing default settings without the user's knowledge and consent. If an ad makes such changes it must be clear to the user which app has made the change and the user must be able to reverse the change easily, by either adjusting the settings on the device, advertising preferences in the app, or uninstalling the app altogether. Ads must not simulate or impersonate system notifications or warnings."

The ad section also prohibits forcing ad clicks or requiring an app user to submit info just to use the app.

Are you an Android owner who's worried about dodgy apps? Do you exercise restraint when browsing Play and avoid downloading dubious-sounding apps -- or do you click first, worry later? Let me know your thoughts in the comments below or chat over on our Facebook page.