A recent surge in user reports has revealed that Google’s Android System SafetyCore—a system service designed to enable on-device content scanning—has been silently installed on Android devices running Android 9 and later since October 2024.
The app, identified by the package name com.google.android.safetycore, has sparked widespread concern over privacy and transparency, with critics likening its deployment to a “backdoor” installation.
While Google asserts that SafetyCore operates locally to classify sensitive content without transmitting data externally, its stealthy rollout has reignited debates about user consent and corporate accountability in the age of AI-driven mobile ecosystems.
SafetyCore first appeared as part of Google’s November 2024 system updates, bundled with Play Services and the Android System Key Verifier app.
SafetyCore App: Silent Installation
Unlike typical app installations, SafetyCore lacks an icon, hides within system processes, and occupies ~2GB of storage—a detail highlighted in a viral X (formerly Twitter) post that accused Google of secretly enabling photo gallery scans.
Forbes reported that users discovered the app only after navigating to Settings > Apps > Show system processes, where it appears as a background service with permissions for internet access, storage, and device sensors.
Google clarifies that SafetyCore provides “on-device infrastructure” for apps like Google Messages to implement features such as Sensitive Content Warnings, which blur potentially explicit images and alert users before sending or receiving them.
“SafetyCore provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content. Users control SafetyCore, and SafetyCore only classifies specific content when an app requests it through an optionally enabled feature”, Google
The service uses machine learning (ML) models to classify content locally, maintaining end-to-end encryption and avoiding cloud-based data transfers.
SafetyCore’s architecture aligns with client-side scanning (CSS), a privacy-preserving technique that processes data locally rather than on remote servers.
However, CSS remains controversial due to its potential for misuse. Security experts warn that such systems could expand beyond their original scope, enabling governments or corporations to surveil unrelated content.
While Google insists SafetyCore is confined to “opt-in” features, its silent deployment undermines trust, as users were not informed about the service’s installation or capabilities.
Notably, SafetyCore operates independently of Google Play Protect, Android’s existing malware scanner, and focuses instead on content moderation.
The service requires 2GB of RAM, making it compatible with most devices post-2018. The SafetyCore backlash mirrors Apple’s 2022 controversy over Communication Safety in iMessage.
While Apple faced criticism for enabling photo scanning by default, it provided clear documentation and user controls—a contrast to Google’s opaque rollout.
In late 2024, Apple’s Enhanced Visual Search feature, which matches photos to landmark databases, faced criticism for activating without explicit consent.
Both cases underscore a growing rift between tech giants’ privacy pledges and their implementation practices.
Following the X post, Google modified that SafetyCore is “opt-in” and emphasized its role in combating scams and abuse. The company also highlighted binary transparency for system APKs, though this fails to address the ML models’ opacity.
Collect Threat Intelligence on the Latest Malware and Phishing Attacks with ANY.RUN TI Lookup -> Try for free