Google's Play Developer Security Solution Is a Good Start

 Google's Play Developer Security Solution Is a Good Start


Google recently has begun requiring added verification for Google Play developer accounts—a response to malicious parties creating batches of accounts to sell—but it could be doing more.


Developer account security on Google Play hasn’t had the best track record, with basic sign-up not requiring any form of contact detail verification. Some groups were exploiting this oversight to create multiple accounts, then selling those accounts to people who would upload malware, scam apps, and so on. Google developer account creation to require contact info verification for new accounts, but it’s more of a decent start than a complete answer to ongoing issues.


"It is a move in the right direction for Google as it starts to protect its source of revenue," said Katherine Brown, the founder of, in an email interview with Lifewire, "It will also protect users from sketchy or malicious apps featuring in the marketplace as they will be removed."


By requiring new Google Play developer accounts to verify their contact information, Google is making it more difficult (though not impossible) to easily create multiple accounts at once. Making verification an option for existing accounts also helps to better protect legitimate developers from hacking attempts and fake accounts that may co-opt their identity.


Two-step verification is also planned for August 2021, and will be required for all new developer accounts once implemented. The added hurdle will make it even more difficult (though still not impossible) for bad actors to take advantage of Google Play account creations, though it hasn’t taken effect yet.

http://www.ttl.co-re.de/forum/showthread.php?tid=65381&pid=294469#pid294469

"The solution implemented by Google is promising, and it is a good start to deal with cyber hacks," said Harriet Chan, co-founder of, in an email interview, "It would be better if they embed this technique as quickly as possible."

https://www.pesbox.com/showthread.php?t=3476&p=63811&viewfull=1#post63811

Google is planning to make contact detail verification and two-step verification mandatory, even for established developer accounts, later this year. This will likely deter many from creating batches of fake developer accounts, but multiple burner accounts is only one of Google Play’s many problems.

https://nws-online.proboards.com/thread/5163/rule-waves-rtw2-exe-virus?page=1&scrollTo=84265

A mountain of one-off burner accounts and fake developer accounts have contributed to Google Play’s security issues, to be sure. Many of these types of accounts have been used to trick users into downloading malicious apps they thought were legitimate, upload scam apps, etc. Adding contact info and two-step verification doesn’t do much to address other problems like app cloning or developer account hijacking, however.

https://supplement477.blogspot.com/2018/08/httpwwwfeedforallcomforumviewtopicphpp7.html?showComment=1625472474944#c404583158395133929

"This news raises quite a few questions about what Google's intentions are and what these changes mean for both developers and users," Brown went on to say. "Topics like fake apps with fake reviews (often bought by spammers) will still exist. Google has been promising to tighten things up for some time, but this latest change has only set a date for when the update will happen."

https://bestsumppumps.blogspot.com/2015/08/sump-pump-alarm.html?showComment=1625473335282#c4797046758371793836

While Google’s new developer account security measures will definitely help, there’s more they can, and should, be doing to deal with the rest of Google Play’s known issues. Brown suggests an option for developers to tell Google they’re verified when reporting malware and spam apps, as well as having Google step in during "extreme" circumstances. This would make it easier for Google to learn of and deal with malicious apps, while also giving vetted developers a more reliable way to report questionable apps and accounts.

https://collectingmemoriess.blogspot.com/2016/04/chocolate-peanut-butter-mousse-cake.html?showComment=1625473792621#c3410452169523124885

Chan wants to address account hacking and interruptions more directly, suggesting even stronger multi-factor authentication requirements like codes and facial recognition. Token-based authorization and certificate-based identification were also recommended as a means of providing developer accounts with even more solid user verification. These measures would make it far more difficult to take control of an established developer’s account, and potentially prevent malicious software being uploaded in their name.

https://sewcraftyjess.blogspot.com/2015/03/sponsor-sales.html?showComment=1625474290933#c4135700214935227280

In the end, both Brown and Chan agree that Google has a promising start, and hope the developer account security improvements won't end here.

https://www.blogger.com/comment.g?blogID=5112951555998191786&postID=9169379963324949588&page=1&token=1625474820064&isPopup=true

also known as 2-step verification, is an important line of defense in stopping hackers and criminals from accessing your accounts. It's important you set it up on all your accounts. Here's how to set up 2 factor authentication for a Google account, and learn why it's so useful. 

https://upekah.blogspot.com/2011/09/dichloroacetic-acid-dca-potential.html?showComment=1625475366964#c4823530788413601777

Google was one of the first companies to introduce 2 factor authentication to its services. It requires people logging in to have access to a physical device like a smartphone, as well as virtual passwords, and is typically one of the best ways to prevent unwanted access to precious accounts. 

https://twentysevendecoding.blogspot.com/2020/01/kobe-bryant-died-today-1262020-at-age.html?showComment=1625475840548#c8336166285306687833

It makes things much harder for anyone to access your content and only takes seconds to set up and use. 

https://thediaryofmycloset.blogspot.com/2017/10/pink.html?showComment=1625476229583#c6155016098397607718

Google two-factor authentication adds an extra layer of security by requiring you to have both your password and a special security key to access your accounts. This is generally done by Google sending you a verification code that's specific to your account. They're sent to your phone via text, through voice call, or via the app, with each code only usable once. 

https://rosemary-thyme.blogspot.com/2020/11/woodsy-fall-tablescape.html?showComment=1625557089501#c6482436459434858685

Adds an extra layer of security to your personal online accounts that you regularly sign in with using an email address/username and password. By enabling this extra security feature, you can essentially prevent hackers from accessing your accounts if they happen to obtain your sign-in details.

https://nutsfromthefamilytree.blogspot.com/2015/11/a-lesson-learned-about-proof-from-dar.html?showComment=1625557364604#c6195855760287652007

Over the past few years, several popular online platforms have added two-factor authentication to their security features to better protect their users. Enabling it typically involves adding a mobile phone number to your account. When you sign in to your account from a new device, a unique code will be texted or phoned to you, which you'll use to enter into the site or app for verification purposes.

https://inuscreepystuff.blogspot.com/2011/08/pale-luna.html?showComment=1625557527984#c6367141351702279646

Having a isn't enough to guarantee protection online these days, so enabling two-factor authentication on every online account that allows you to do so is always a good idea. 

https://teacheristatales.blogspot.com/2011/08/organizational-teacher-binder.html?showComment=1625557716031#c5510908111733321053

Here are 10 of the most popular online platforms that offer this extra protective security feature plus instructions for how to set them up.

https://techword678.blogspot.com/2020/03/webroot-secureweb-browser-download-for.html?showComment=1625557869015#c3908453949038895224

When you enable two-factor authentication on your, you add a layer of protection to all your accounts that you use from Google, including Gmail, YouTube, Google Drive, and others, as well as your framework. Google allows you to set up two-factor authentication to receive verification codes by text or automated phone call on a mobile device.

https://rohitdynamics.blogspot.com/2014/07/how-to-fix-normal-0-false-false-false.html?showComment=1625558035040#c5680075831785859053

You can set up two-factor authentication for your on the web or from within the mobile app. Facebook has several authentication options available, but for simplicity's sake, we'll stick with showing you how to enable it with SMS text messages.

Comments

Post a Comment

Popular posts from this blog

Why I Want Elgato's Stream Deck MK.2

  Why I Want Elgato's Stream Deck MK.2 Elgato’s Stream Deck is a little grid of clicky keys, topped with LCD screens, which you hook up to your computer. What can it do?  Anything . And I totally want one. https://www.blogger.com/comment.g?blogID=8932317&postID=3334165337164947083&page=1&token=1626504471259 Elgato just announced the Stream Deck MK.2, a 15-button unit that sells for a very reasonable $150. Like previous units, its flexibility means you need to spend a little time getting set up, or even deciding what to do with it. But once you do—so its fans say—you won’t want to go without it ever again.  https://online1computers3.blogspot.com/2009/02/stock-watch-bluefly-gains-on-msn.html?showComment=1626504785581#c1792575617598657499 The MK.2 adds interchangeable faceplates to go with the custom icon packs that are already available, and you can set up a screensaver for those little buttons that match these faceplates. If nothing else, this little wedge...
Read more

Why Experts Say PayPal and Venmo Need More Transparency

 Why Experts Say PayPal and Venmo Need More Transparency A new coalition of digital rights organizations is demanding more transparent policies for users of PayPal and Venmo after nearly a decade of opaque account restrictions and closures. https://www.styleforum.net/threads/mcafee-antivirus-download.687323/post-10770716 The role social payment platforms play in our lives has grown over the past decade, as companies  , the parent of Venmo, increased their user base. But as the world increasingly moved online last year due to the pandemic, complaints to the Consumer Financial Protection Bureau related to “managing, opening, or closing a mobile wallet”  nationwide, compared to 2019.  https://politicalfray.com/threads/https-sites-google-com-view-keoni-cbd-gummies-ingredients.18107/post-114085 Now, a group of digital rights advocates is saying enough is enough. https://coldnetwork.net/threads/https-mack-and-sons-cbd-wixsite-com-mackandsonscbdoil.47215/#post-238489 "Espec...
Read more

Encrypted Messages on Multiple Devices May Increase Risks, Experts Say

 Encrypted Messages on Multiple Devices May Increase Risks, Experts Say After its July announcement that , WhatsApp users rejoiced at the idea of being able to log in across several devices. But will the added convenience come with tradeoffs for privacy? Here's what you need to know. https://plakatlogamemas.blogspot.com/2021/02/jasa-plakat-cililitan.html?showComment=1626363836538#c3953581957739408206 Despite its  the popular messaging app has   in  (and, er, ) for numerous vulnerabilities, raising questions about its security. Experts caution there also could be tradeoffs when connecting multiple devices to any encrypted communication app. https://cologodesigner.blogspot.com/2021/07/washington-redskins-history.html?showComment=1626414328843#c8872198182442839202 "[The question] is not just adding more devices, but are they always secure?" , a computer science professor at Columbia University, told Lifewire in a phone interview. "The security phrase is ‘attack surface’...
Read more