Google has released its annual Android Ecosystem Security Overview for 2025, describing how artificial intelligence is being used to improve protection against harmful activity. The report notes a clear reduction in malicious app submissions and developer account violations, which it links to the adoption of generative AI in app reviews.
Data released by Google shows that more than 1.75 million suspicious apps were rejected before being listed on the Google Play Store in 2025. The company also restricted over 80,000 developer accounts for policy breaches. Both totals are lower than the previous year’s 2.36 million rejected apps and 158,000 suspended accounts.
Vijaya Kaza, Google’s Vice President of App and Ecosystem Trust, confirmed that the decrease is largely due to enhanced machine learning models that allow the company to identify threats earlier in the submission process. The company stated that its latest generative AI models are now capable of identifying malicious patterns more rapidly than previous systems, though final approval decisions remain in the hands of human reviewers. Last year, Google announced that AI currently runs more than 10,000 safety checks on every application submitted to the platform.
Outside the storefront, Google leaned heavily on Google Play Protect. The security layer, which processes more than 350 billion app scans per day, stopped 27 million malicious sideload attempts in 2025 alone. The company further scaled its fraud detection framework to 2.8 billion Android devices across 185 markets, intercepting 266 million install attempts linked to 872,000 flagged apps.
In addition to preventing harmful apps, Google addressed inauthentic activity within the Google Play Store. It reported blocking 160 million fake interactions, such as spam ratings and fraudulent reviews, to preserve trust in its feedback system. According to the company, these actions stopped review bombings that could have reduced app ratings by roughly 0.5 stars on average.
Play Protect also intervened in data privacy enforcement. The service prevented 255,000 Play Store apps from accessing sensitive user data after they failed to meet Google’s policy requirements. The company did not disclose the specific apps involved or the exact nature of the violations.
Google also confirmed plans to extend the Google Play Store developer verification program to all professional developers within the Android ecosystem. The policy is designed to recognize verified developers and limit the risk posed by malicious accounts.
Although the measure is intended to strengthen security, some users have criticized it for tightening control over the ecosystem and limiting flexibility. Under the updated rules, students and hobbyists will still be allowed to publish apps on a smaller scale without completing the full verification process.
Maybe you would like other interesting articles?