It’s a busy job for Google to make sure that the over a billion smartphones and related devices containing the search giant’s Android operating system are safe as they can be.
Adrian Ludwig, Google’s (GOOG) lead engineer for Android security, said Wednesday during the Structure Security conference in San Francisco that one way it makes sure it can make those devices are secure is by keeping the Android OS free to outside coders to inspect, in a so-called open source method.
It’s a strategy that differs from Apple (AAPL), which keeps its mobile operating system locked down from outsiders.
Get Data Sheet, Fortune’s technology newsletter.
Apple mobile devices have generally been considered safer than Android devices when it comes to hacking, according to many cybersecurity reports and technology analysts.
Ludwig, however, contends that part of the reason Android devices have been plagued by more viruses is because consumers can purchase apps from many different app stores available, rather than only than the Google-sanctioned Google Play app store.
Google allows “for third-parties to make stores” on its operating system in order to give people other ways sell their apps if they “don’t want to distribute through Google Play,” he said.
Still, it’s often that corrupt apps get passed from the third-party app stores onto the devices of consumers who unwittingly download them. In these cases, Ludwig said, Google has to closely watch and react to how so-called malware is being spread downloaded onto devices—although he didn’t specifically say how the company does so.
For more about cybersecurity, watch:
Ludwig explained that because the Android OS is open source, more people are looking at the underlying code—which presumably means that these people can spot security holes. Still, he acknowledged that just because technology is open source, doesn’t mean that everyone is going to notice every single vulnerability in the code, as was the case of the major 2014 Heartbleed software bug that affected the popular open-source software OpenSSL.
In this case, Google needs help from the carriers and hardware manufacturers that build its phones to do their part in making ensuring they are regularly updating their phones’ software.
Ludwig cited Samsung as a standout company that “at this point has literally several hundred device models that they are regularly updating.”
