Skip to main content
  1. Home
  2. Mobile
  3. News

Google is adding DRM to Play Store apps for offline verification

By
app store reviews google play store
Image used with permission by copyright holder

Google is adding small sections of security metadata to every app that makes it way through the Google Play Store, or other authorized app stores.

The addition comes as part of Google’s continued drive to make Android safer and more secure. 2017 saw Google take down over 700,000 malicious apps, with 99 percent of those apps being removed before any users installed them. That’s pretty good, but Google’s working hard to make sure the Play Store’s security is even more water-tight, and DRM seems to be the answer to that.

Recommended Videos

The word “DRM” — or “digital rights management” — leaves a sour taste in many mouths, and we’ve seen a bunch of companies do questionable things with their DRM over the years. However, it’s important to note what Google attempting to achieve with this addition, and how the DRM helps to keep Android devices safe. Google’s existing app verification methods require a device to be online, but with the addition of small sections of security metadata, Android phones can identify when an app has been verified by the Play Store’s security measures. If that security metadata is missing, then Android can warn the user that the app they’ve downloading doesn’t come from a legitimate source.

Please enable Javascript to view this content

Why all this emphasis on offline verification? With certain markets having reached smartphone saturation levels, Google has shifted focus to developing markets, where smartphones populations are not as dense, and where Android has room to grow with variants like Android Go. Problem is, those areas can lack a consistent mobile data connection, or mobile data itself can be more expensive. Therefore, security measures that rely on a data connection simply won’t fly in those areas.

Related

It seems that Google has come up with a pretty good way of sidestepping the data problem, though it remains to be seen how secure Google’s security metadata is — if the metadata can just be copied by malicious third-parties, then the DRM is pretty useless. Still, we imagine Google’s seen that problem coming, and taken steps to avoid it.

Still, while Google’s security has taken several giant leaps up in the last few years, there are still a few things that you, the user, can do to make sure you’re safe. Check out our list of tips on how to stay safe, and the best antivirus apps for Android.

Editors’ Recommendations

Topics
Mark Jansen
Mark Jansen
Mobile Evergreen Editor
Mark Jansen is an avid follower of everything that beeps, bloops, or makes pretty lights. He has a degree in Ancient &…
The Google Home app is getting a long-overdue feature
The Google Home logo on a Pixel phone.

According to the sleuths over at Android Authority, the Google Home app is about to get a much-needed feature that I'm honestly shocked hasn't been added yet: a search bar.

If you've never used the Google Home app before, it's sort of the command center for all things smart home in the Google smart home ecosystem. If you only have a few smart home devices, it's easy enough to navigate — but if you have an extensive smart home setup, you could have upwards of 50 devices listed in the app. If you don't take time to organize and label them, it gets unwieldy fast.

Read more
Now Playing is the best Google Pixel 9 feature you aren’t using
The Google Pixel 9 standing upright next to an Android statue.

The Google Pixel 9 is here, and if you haven't heard yet, it's excellent. Google did almost everything right this year — releasing phones with gorgeous hardware, excellent cameras, great battery life, and more.

All Pixel 9 phones also come with a host of new AI features. Some of them, like Add Me and Pixel Screenshots, are legitimately great. Others, like Pixel Studio, could have used more time in the oven.

Read more
Security experts just found a massive flaw with Google Pixel phones
A person holding the Google Pixel 8 Pro.

Google is patching a serious firmware-level vulnerability that has been present on millions of Pixel smartphones sold worldwide since 2017. “Out of an abundance of precaution, we will be removing this from all supported in-market Pixel devices with an upcoming Pixel software update,” the company told The Washington Post.

The issue at heart is an application package called Showcase.apk, which is an element of Android firmware that has access to multiple system privileges. Ordinarily, an average smartphone user can’t enable or directly interact with it, but iVerify’s research proved that a bad actor can exploit it to inflict some serious damage.

Read more