Android smartphones are becoming more and more popular each year. With this increased user base, comes an increased need for Android OS to protect its users from malicious applications that may violate users' privacy. The Google Play Store is the main means of dissemination for new applications and as such should provide a layer of efficient protection against malicious applications. However, there have been times when malicious applications were allowed on the Play Store, even after the introduction of the recent Play Protect Service. In this paper, we have opted to investigate the efficiency of the Play Protect Service in detecting malicious applications that are both sideloaded onto a device and uploaded directly to the Play Store. In order to accomplish this, we have developed a spyware application, called InstaCam, that is advertised as a simple camera app. However, it asks for functionally unnecessary permissions that make it a practically dangerous app. We tested InstaCam against various antivirus applications, including Play Protect. The results show that there is substantial delay in the ability of Play Protect to detect our malicious application while other popular antivirus software is capable of detecting InstaCam in a timelier manner.
