Feel free to disagree, but my views are as stated below.
I do believe Google Play Protect should not be treated as any means of real-time malware protection, instead to be considered as a built-in service to the Google/Android ecosystem. In other words, it's not a product to install on top, as it's already there.
According to the report (below) and I just mentioned it above, I get the impression that Play Protect does the majority of it's work in the background.
As an example, the moment a developer submits an app to be published on the Google Play Store, Play Protect is already on it and is before any AV vendor can intervene to say what's safe or not.
I'm not saying to completely avoid AV apps for Android, because should you wish to use one.. use one from a vendor you trust. And if you are considering one, I recommend Bitdefender Free AV for Android. It's a minimal yet effective solution to protecting Android users without compromising performance or your wallet. It's also cloud-based so very little data usage, although you do need to be connected to the Internet.
At the end of the day, Android users should:
- enable Play Protect on devices running Android 4.2 or higher
- use the Google Play Store for apps and updates
- check app ratings and reviews, find out about the developer's credibility
- be vigilant before installing apps from unknown sources
- understand the real risks of rooting (why it is opposed by certain parties etc.)
- avoid pirated apps (warez, cracked) and the world of shady 3rd-party app stores
- anything questionable (ie. "Get free FIFA coins, download totally-not-a-coin-miner.APK for free today!!")
May be useful for Android boxes bought on the web.. which is a popular trend since last year.
Google’s Play Protect service had huge impact on security in 2017
Android Developers Blog: Android Security 2017 Year in Review
Edit: Paragraphs arrangement.
