Google will start scanning apps downloaded from sources other than its Play Store for malicious code before they are installed on a user’s device.

The new feature was detailed in a recent security blog update by Google’s group product manager, Steve Kafka, and senior engineer manager, Roma Kirrilov.

Google’s Play Protect service already offers built-in proactive protection against malware.

The service scans 125 billion apps daily to help protect users from malware and unwanted software.

When it finds a potentially harmful app, it can take various actions — including sending the user a warning, preventing an app install, or automatically disabling the app.

The company is now trying to stop this malicious software from even getting a foot in the door.

“Previously, when installing an app, Play Protect conducted a real-time check and warned users when it identified an app known to be malicious from existing scanning intelligence or was identified as suspicious from our on-device machine learning, similarity comparisons, and other techniques that we are always evolving,” Google said.

“With the latest update, Play Protect can perform a real-time scan at the code-level.”

For apps that the service has not scanned before, Google will allow users to use the feature to help detect new threats.

They will be presented with a pop-up notification like in the screenshot below.

Google explained that the scanning will extract important signals from the app and send them to its Play Protect backend infrastructure for a code-level evaluation.

“Once the real-time analysis is complete, users will get a result letting them know if the app looks safe to install or if the scan determined the app is potentially harmful,” Google said.

“This enhancement will help better protect users against malicious polymorphic apps that leverage various methods, such as AI, to be altered to avoid detection.”

The new Play Protect feature will roll out to all Android devices with Google Play services, beginning in India and expanding to all regions in the coming months.

Android devices are generally more susceptible to malware than iPhones due to less stringent controls on what users can install.

Apple only allows users to install apps from its App Store unless an iPhone is jailbroken. It can also implement hardware limits to reduce the risk of malware infection.

In addition, Android’s code is open-source, which is somewhat of a double-edged sword.

While it can make building malware for the operating system easier, it can also help quickly identify potential security vulnerabilities.