Google has improved Google Play Protect by enabling it to scan unfamiliar apps beforehand, using code analysis to determine if they exhibit malicious behavior. Previously, Google Play Protect relied on checking for similarities with known malicious code in its database. However, criminals have been able to slightly modify the code while still maintaining its original functionality (polymorphic), reducing the effectiveness of this similarity-based approach. By analyzing code to predict behavior, this new feature closes this loophole.
This feature will initially be rolled out in certain countries, starting with India. When users install apps from outside the Play Store, Google Play Protect will prompt them to scan before installation.
TLDR: Google Play Protect has been upgraded to scan unknown apps in advance using code analysis, allowing for better identification of malicious behavior. This added feature will be available in certain countries, starting with India, and helps close the gap caused by modified code. Users will be prompted to scan apps from external sources before installation.