Detecting malware on Android devices
Android
devicesThe
UEM Client
and BlackBerry
Dynamics
apps can detect malware on Android
devices and report it as a compliance issue to UEM
. The UEM Client
and BlackBerry
Dynamics
apps can enforce compliance actions until the malware is removed (for example, preventing all BlackBerry
Dynamics
apps on the device from running).The
UEM Client
and BlackBerry
Dynamics
apps all include the BlackBerry Dynamics SDK
and the CylancePROTECT Mobile
library. These apps use these technologies to scan the apps on a user’s Android
device and upload the app files to the CylanceINFINITY cloud service. The app that initiates the malware scan is determined by the device activation type and the authentication delegate that you configure in the BlackBerry
Dynamics
profile. CylanceINFINITY
uses AI and machine learning to analyze the app package and produce a confidence score that it returns to the app that performed the scan. The confidence score indicates whether the scanned app is safe or potentially malicious.If the device has one or more malicious apps and "Malicious app package detected" is enabled in the compliance profile,
UEM
considers the device to be out of compliance, and the UEM Client
or BlackBerry
Dynamics
app takes the management action that is configured in the user’s compliance profile.An app is uploaded to
CylanceINFINITY
if it has a hash that CylanceINFINITY
has not processed previously. Whenever an app has a new hash (for example, for a new version) the app is uploaded to CylanceINFINITY
for analysis and scoring (if it has not already been uploaded from another device).This feature applies to the
Android Enterprise
, Samsung Knox
, MDM controls, and User privacy activation types.