Google said that as of October 2019, four fifths (80%) of Android apps available for download through the official play store were using HTTPS to encrypt their network traffic. For apps that target Android 9 directly, the number is even higher, reaching 90%. This means that traffic entering or leaving one of these applications is encrypted and cannot be intercepted or read by a third party.
Google expects that number to rise in the next few years, mainly because the company has gradually launched and implemented a series of measures since 2016. It includesWarnings in IDE tools and Google play developer dashboards。
It is reported that since 2017, Google has been promoting Android developers to integrate encrypted traffic into their applications, so as to provide better security and privacy when applications communicate through the Internet or the network.
Since Android 7 in 2016, Google has introduced a network security profile that allows application developers to choose not to use clear text when performing network communications. In the Android 9 released in 2018, Google further took measures to make all applications targeting Android 9 or later automatically use the default policy to prevent applications from using unencrypted traffic.
It is worth mentioning that Google is much better than apple in implementing HTTPS for application developers. A report released in June 2019 found that only a third of IOS applications are using ATS, a technology used to encrypt the network traffic of IOS applications.
In addition to Android App makers, Google has also successfully pushed websites to adopt HTTPS instead of the vulnerable HTTP protocol.
According to the company'sTransparency Report, HTTPS usage in Chrome is now between 85% and 95%, depending on the platform.
For example, 89% of all sites currently loaded in chrome in Android are loaded through HTTPS. On Chrome for windows, that's 84%.