We use cookies on our websites. Information about cookies and how you can object to the use of cookies at any time or end their use can be found in our privacy policy.

7 min read 3 comments

Proceed with caution: How to spot a fake in the Play Store

Google has proudly reported that it once again banned a number of malicious or misleading apps from the Play Store last year. But they’re still a long way away from providing a quality defense against malware. The search for the right app in the Play Store is still a matter of intensive research and having the right information. In this article we’ll try to define some basic principles that should help guide you along in your app research.

The Play Store has become an ugly place. It was once considered a place where you could find answers. Does your phone need a new feature? Okay, just go to the Play Store, try out some apps and you’ll be able to solve the initial problem. Now it’s not so easy. Crooks can falsify positive ratings, buy themselves a high ranking and sometimes copy other apps that are actually good.

As the operator of the Play Store, Google for the most part still relies on purely atuomated forms of quality assurance. Algorithms analyze new apps and updates of known code fragments or behavioral patterns, much like a virus scanner does in Windows computers. If an automatic alarm is signaled, the app will likely be sent back to the developer.

The system ensures that 99 percent of all malicious apps don’t reach users via the Play Store, or that’s at least what Google states in its latest blog post. The algorithms have become a bit smarter thanks to machine learning. At this point, the algorithms are able to detect fake identities, inappropriate content and new types of malware.

Creators of malware are better organized

In 2017 examples such as SonicSpy showed that malware creators and networksare literally bombarding the Play Store with malware. Google now wants to address these interrelationships. The report goes on to say that Google recognizes “repeat offenders and abusive developer networks" and has already banned 100,000, which has made it more complicated to create a new developer account.

But how do I recognize bad apps?

Flashlight apps are obsolete

Certain apps and games are particularly vulnerable to abuse. Flashlight apps in particular have benefited from users’ careless habits. Usually users are informed of the app’s permissions before installation, although since 2015 they are sometimes only informed once they've started using it. A few months ago there were a large number of flashlight apps that also wanted to be able to send an SMS. Enough users accepted this obviously fraudulent permission and got caught in a trap. The flashlight app could then send premium SMS messages and earn money for the app developers.

play store bad apps 2
Certain app categories are particularly susceptible to fraud. / © AndroidPIT

At the same time, most flashlight apps actually only have camera permission. This makes sense because the LED connected to the camera is controlled via the camera permission. However, not all users know that a flashlight app has already been given to them. It’s probably already in your smartphone’s Quick Settings. Just pull your finger down from the top of the screen and look for the small flashlight silhouette.

P9 quick settings
The flashlight is already integrated in the Quick Settings of most Android smartphones, which makes these apps unnecessary. / © AndroidPIT

If you install a flashlight app anyway, it will probably interrupt its actual function with several commercial breaks. Advertising in apps is tolerable to a certain extent, but the added value that the app provides must be commensurate with the number of advertising interruptions. With such a superfluous app, there is no reason to tolerate advertising.

Booster and cleaner apps are inherently useless

If your memory is full, your phone is slow or the Wi-Fi isn’t good enough, there are well established solutions to your problems. The Play Store won’t provide any answers. We have an article on each of these topics, as they’re among the most common problems with smartphones. Other media have also written very good reports on this.

App creators, however, have found successful ways to profit by creating completely useless and sometimes harmful apps in the Play Store.

play store bad apps 1
Have you ever downloaded a battery and charged your phone? DU apps claim they can do it. / © AndroidPIT

Optimization apps are making a profit out of your desperation. Whatever they say works must be able to help your battery. Cheetah Mobile was able to record several hundred million downloads doing this, and the boss of the company has twice stated outright that the app is no good.

The reason is that apps can't work miracles. Android has a so-called sandboxing principle. Each app works in its own capsule and must not interfere with the system in any way that could prolong battery life. In this respect, we have already been provided the optimizations by Android and the smartphone manufacturer.

However, poor performance is often due to the fact that an app consumes a lot of energy. If this is the case, you should identify the app and just uninstall it. You can probably find a more economical alternative to it, which leads us to the next problem....

Copies and counterfeits pretend to be alternatives

While looking for popular games like Solitaire, Tetris or Bubble Poppers I recently noticed it again: it is practically impossible to search for apps with the Play Store's search tools, because...

  • You can’t hide apps with advertisements or in-app purchases.
  • The average score is worthless because it can be generated in click farms.
  • It is rarely explained why the app requires certain permissions.
  • You never know whether in-app purchases are a one-time thing or recurring as well as what they'll provide you.

And even worse, the apps rarely offer what you expect. Most Bubble Poppers end up being just a loot box system with pointless in-app purchases.

bubble witch saga 2
In the Bubble Witch 3 Saga the virtual witch's cottage will cost you extra. / © AndroidPIT

Most games are good for the first few minutes. With some luck they’ll be easy to play for a few hours. And then suddenly they’re asking for cash. If they stuck with a one-time in-app purchase that would unlock all the remaining levels like in Super Mario Run and then never asked for money again, everything would be fine. But a lot of games drive you into virtual bankruptcy, which could cost you a lot of money in real life.

The fact that Google remains neutral about this can be demonstrated in the Google Play Awards 2017, where several titles included in the top list of the year display high predatory economic models.

And what makes a good app?

A reasonable app will explain to you at the beginning if you have to pay for anything. Google has placed small references to ‘In-app purchases’ right next to the download button. In the app descriptions below you can see an app’s price range.

in app purchases
Unfortunately, Google doesn't list you what you can actually buy as an in-app purchase. / © AndroidPIT

There are issues with both permissions as well as advertising. The developer should ideally justify the necessary permissions in the description of the app (like in Threema, for example). They have to be explained in accordance with the app’s functions. A flashlight shouldn’t need to send SMS messages and a Bubble Popper shouldn’t need access to your camera or microphone, let alone your contact list.  

Google should more precisely identify ads: are they just small banners on the edge or are they full-screen ads? Are there videos or just static content? In the worst case, the advertisements steal the screen for several seconds or cause you to accidentally press on them and waste precious data. Does the app actively encourage you to press on ads to get bonuses? Don’t let them exploit you!

Conclusion: App research is about having the right information

The list of things to consider hasn’t become any shorter in recent years. App creators with deviant motives to make profits are becoming smarter at the same rate as Google’s anti-malware team. So the user still has to be incredibly careful with banal things like finding the right Solitaire app for Android until things improve.

What's your story? Have you ever fallen into a bad advertising trap? What do you pay attention to when searching for new apps? Or have you given up completely and only install apps that you already know?


Write new comment:
All changes will be saved. No drafts are saved when editing

  • Since I'm not too much of a game player, I have the opportunity to read up on a app, before I install it. I go to android websites, such as this one(Xda's my favorite though, I tweak a lot), and read upon the app, even the comments before I install. This keeps the fakes away. Always do your homework first.

  • Sandra 9 months ago Link to comment

    I agree! I think they (some) do it purposely confuse us. A new app dev could make their own icon with a copyright (even one that is not visible to the consumers) so that this won't keep happening... people who violate the copyright law would be in a lot of financial trouble and can be outed as being thieves... etc. Just my 0.02

  • I try to remember, and wish all tech media reviewers would have a policy, to identify the developer of the "real" app so that reviews or recommendations would not lead users into a swamp of identically named or iconified phony apps listed with the real one on Google Play.

Recommended articles