Google has initiated a new program, 'enhanced fraud protection', in collaboration with Google Play Protect, aiming to enhance the defense against financial fraud attacks for Android users. The pilot program is set to debut in Singapore, with the support of the Cyber Security Agency of Singapore (CSA) in the coming weeks. Google, in a blog post, highlighted the strategic partnership with CSA, emphasizing the program's role in safeguarding Android users from mobile financial fraud.

The enhanced fraud protection will analyze and automatically block the installation of apps utilizing sensitive runtime permissions, commonly exploited for financial fraud. Specifically, the program targets apps installed from Internet-sideloading sources such as web browsers, messaging apps, or file managers.

Google explained that the enhancement will inspect real-time permissions declared by the app, focusing on four runtime permission requests: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility. These permissions are often misused by scammers for intercepting one-time passwords via SMS or notifications and spying on screen content. Google's analysis revealed that over 95% of installations of major fraud malware families exploiting these permissions originated from Internet-sideloading sources.

Chua Kuan Seah, Deputy Chief Executive of CSA, emphasized the importance of such partnerships with technology players like Google in continually improving anti-scam defenses to protect online users and their digital assets. The 2023 Global State of Scams Report by the Global Anti-Scam Alliance reported that 78% of mobile users surveyed faced at least one scam in 2023. Among the respondents, 45% noted an increase in scams over the last 12 months.