Android Oreo prevents automatic installs or updates of unverified apps
Google Play Store is the most reliable source for downloading apps on an Android phone, as the risk of potential threats lurking behind them is less compared to third-party stores. But that hasn’t deterred people from going to third-party app stores. The desire to try out the latest version of an app or trying a game which hasn’t been released in your country on the Play Store are some of the factors which attract people.
Google is trying to make sure that Android users don’t end up downloading potentially risky apps even from third-party stores.
For this they have tweaked the security settings in Android Oreo. The Runtime permission feature, which has to be enabled to allow installation of apps from unknown sources, has been replaced with a new permission system. It blocks installation of apps without your permission even if the setting to download apps from unknown sources is enabled.
The new permission system will not just show an enable/disable toggle but will also show the apps which are being used to run third-party app stores. So if you are using the Chrome browser or Amazon app store to download an app, the new permission system will provide the option to “always allow apps” or “ask every time” before an app downloaded from Chrome or Amazon app store can be installed. If you decide to deny them that permission, every time a new app tries to install on the device through Chrome, you will be notified.
This feature can be accessed in Settings-> Apps & notification->Advanced-> Special app access->Install unknown apps.
This modification is part of Google’s fight against potentially harmful apps, also referred to as PHAs (potentially harmful apps), which put your device and data at risk and are usually found on third-party stores.
Authors behind PHAs use a hostile downloader to install apps on your device.
For example, an app downloaded from a third-party store on Chrome may not contain a malicious code but can introduce it later through an update. With Android O, you will be warned if an app is trying to install an update, to help you identify PHAs and remove it from the device.
This doesn’t add an extra layer of security to your device, like the Play Protect, which scans every app on the device to identify bad apps. It basically keeps you informed and allows you to decide which apps have their permission to install apps, unlike the earlier setting where enabling the unknown sources feature meant opening an entire door to risky apps and malwares.