The digital landscape is currently witnessing a massive tug-of-war between sophisticated bad actors and the security protocols designed to stop them. In 2025 alone, Google reported blocking a staggering 8.3 billion policy-violating ads and suspending nearly 25 million accounts, highlighting the sheer scale of the threats facing everyday users. To dive deeper into these shifting defenses, we spoke with Rupert Marais, an in-house security specialist with extensive expertise in endpoint protection and cybersecurity strategy. He provides a granular look at how Android 17 is overhauling privacy and how intent-based AI models are becoming the front line of defense against global fraud networks.
Generative AI is increasingly used by malicious actors to create deceptive ads at scale. How is the shift toward intent-based AI models improving real-time detection, and what specific metrics demonstrate that these systems are more effective than traditional keyword-based filters?
The shift toward intent-based models like Gemini represents a fundamental change in how we perceive digital threats. Traditional filters were often easily bypassed by bad actors who swapped out specific keywords or used clever misspellings to fly under the radar. Now, by focusing on the underlying intent of an ad, our systems can catch malicious content even when it is designed to be evasive. The effectiveness is best seen in the numbers: over 99% of policy-violating ads were intercepted by these automated systems in 2025 before a single user ever laid eyes on them. This proactive stance allowed for the removal of 602 million ads specifically tied to scams, proving that understanding the “why” behind an ad is far more powerful than just scanning for a list of “bad” words.
Android 17 is moving away from broad contact permissions in favor of a standardized Contact Picker. What are the primary technical hurdles for developers during this transition, and how does granting access to specific fields rather than full records change the user experience?
For years, the standard practice was to use the READ_CONTACTS permission, which was essentially a “skeleton key” that gave an app access to every detail in a user’s address book. The primary hurdle for developers now is migrating away from this broad access to a more surgical approach where they must specify exactly which fields—like just a phone number or an email—they actually need. This requires a significant audit of the app manifest and the implementation of the new Contact Picker or the Android Sharesheet. For the user, this transforms the experience from a high-anxiety “all or nothing” permission prompt into a transparent interaction where they can feel the weight of their data privacy. It creates a searchable, secure interface that ensures an app doesn’t see the name of your doctor or your private notes just because you wanted to share a single phone number.
New one-time location buttons and persistent indicators are being introduced to enhance transparency. How should developers structure their justifications for persistent precise location access, and what specific criteria will determine if a “Play Developer Declaration” meets the necessary privacy standards?
When a developer submits a Play Developer Declaration, they are essentially making a legal and ethical case for why their app cannot function without constant, high-precision tracking. We are looking for proof that the core feature of the app—not just a secondary perk—relies on this data and that the new “one-time” location button is insufficient. Developers should be very specific in their documentation, detailing the exact user scenarios that necessitate persistent access. If an app targets Android 17 and uses precise location for discrete, temporary actions, they should instead be using the onlyForLocationButton flag. The criteria for approval are strict; we want to see a clear link between the data collected and the value provided to the user, ensuring that “background tracking” doesn’t become a default setting for apps that don’t truly need it.
Unofficial app account transfers through third-party marketplaces often leave businesses vulnerable to fraud. How does the new native account transfer feature within the Play Console mitigate these risks, and what steps must developers take to ensure a secure transition by the 2026 deadline?
The danger of unofficial transfers lies in the “wild west” nature of third-party marketplaces, where sharing login credentials or selling accounts can lead to total loss of intellectual property or the insertion of malicious code. By introducing a native account transfer feature directly within the Play Console, we are providing a verified, “chain-of-custody” style process for shifting ownership. Developers need to start moving away from these risky third-party deals immediately, as the deadline of May 27, 2026, will mark the end of permitted unofficial transfers. To ensure a smooth transition, businesses should begin auditing their account ownership structures now and prepare to use the official tools that validate both the sender and the receiver. This move essentially closes a massive loophole that fraudsters have exploited for years to hijack successful applications.
Policy-violating ads, including those for scams and malware, were blocked or removed by the billions in 2025. Could you walk us through the step-by-step process of how AI reviews search ads instantly, and how this prevents harmful content from reaching users?
The process begins the moment a developer or advertiser submits a Responsive Search Ad to the Google Ads platform. Instead of waiting for a manual review or a batch scan, the Gemini model performs an instant analysis of the ad’s components, including the headlines, descriptions, and the landing page destination. It looks for patterns associated with the 480 million web pages we actioned last year for malware or sexually explicit content. By the end of 2025, the majority of these ads were being screened at the point of submission, meaning the harmful content never even entered the auction phase. This real-time filtering is what allowed us to suspend 39.2 million advertiser accounts in the previous year and refine those efforts to catch 8.3 billion bad ads in 2025, creating a much narrower window for scammers to operate.
What is your forecast for mobile privacy and ad security?
I believe we are entering an era of “radical transparency” where the hidden plumbing of mobile data will become visible to the average user. Over the next few years, we will see a total phase-out of broad, persistent permissions in favor of ephemeral, intent-based access that expires as soon as a task is completed. As AI models become even more adept at spotting the subtle emotional triggers used in generative AI scams, the “cat-and-mouse” game will shift toward the source of the content rather than just the delivery method. For users, this means a significantly cleaner experience, but for developers, it means the days of “data hoarding” are officially over; if you can’t justify the data you are collecting in plain English, you simply won’t be allowed to collect it.
