Accounting for over one billion smartphone sales last year, Android is by far the most common operating system. It’s no surprise then that the OS is a prime target for malware and compromised security. While Google is very active in making Android safer, there are also a range of third party apps available. Read on to find out how to improve your security.
Threats on Android come in all forms, but in the end the majority are trying to make money in some way or another. It might involve stealing personal info or credit card numbers, scamming users with premium SMS services or just good old spam and popup ads.
Android phones also face security threats from being physically stolen, or having sensitive data accessed without permission.
The first step towards better protection is to understand the threats, as well as what can be done about them.
Security on Android is a bit different to on a PC, and by far the easiest way to get malware is through apps.
The older idea of a self propagating virus that infects a system without any input from the user is a little outdated, though still possible in rare cases.
Google actually scan the apps on Android phones for harmful malware, using Google Play.
Less than one percent of phones actually have a problem, but when you are checking 200 million devices a day, that 1% adds up fast.
Since Google is also pretty good at policing their own app store, the majority of compromised software comes from unofficial third party app stores.
To put that in perspective, of phone that only install apps from the Google Play store, less than 0.15% have software with a security issue.
The best bet for avoiding malware is to simply only download apps that you know and trust.
Of course that doesn’t give total protection. For example (from my personal experience), a benign notepad app went rogue via a later update, and started showing popup ads even when not in use.
In this case, the solution was to Google the issue, then uninstall suspect apps until the culprit was found.
It’s not just users who can install dodgy apps. Here in Australia we love our grey imported tech, but there have actually been cases of new phones arriving with malware.
Another option is to use a malware scanning app – check out our recommendations down below.
Stay Up To Date
Google is pretty quick to patch any new vulnerabilities in Android and roll out an update.
The problem is that manufacturers are usually a lot slower to release the patch for their customised versions of Android.
For many devices (especially older ones), there is no longer any support and updates will simply never happen.
In some cases, those with older devices can flash a custom firmware (such as something from Cynamod), which should have better support.
In the end though, the only way to make sure is to research how well your preferred brand handles updates.
The best solution of course is to buy a Nexus device, or a phone that uses stock Android where the updates don’t need any customisation.
Built In Android Protection
Aside from automatic malware protection, Android has a range of other security features in case your device is lost or stolen.
The first step is to actually use some sort of lock – be it a pin, fingerprint or (on some phones) facial recognition.
Having a lock on your device can be pretty annoying, but options such as fingerprint scanners are very quick and easy to use. In fact, it can often be faster than having to hit the power button, then swipe to unlock, even without a pin.
Once your device has some basic security enabled, there are further options for more protection.
The new Nexus phones all have encryption turned on by default, but it can be enabled manually on devices running Android 4.1 or newer.
Another option is to use a third party app to handle encryption. It doesn’t have to be for the entire phone either – individual folders can be protected.
The downside is that encryption can cause performance loss in some cases.
Another great security feature built into Android is theAndroid Device Manager. It gives you the ability to remotely track, lock, ring or erase your phone if it is lost or stolen.
The coolest part is that if logged into your Google account, typing ‘where is my phone?’ (or a similar variant) brings up device manager, and shows you exactly where your phone is.
Further functionality such as being able to remotely take photos with a missing phone are available via third party apps.
Using hard to crack passwords is important, but the best option is to turn on two factor authentication.
This means that even if your password is compromised, there is still a layer of protection – especially important on banking apps.
One important aspect to consider is your notifications. Two factor authentication is great, but if your phone is lost or stolen, it can be more easily overcome.
Having a pin on the lock screen may not be enough by itself, as some notifications are displayed even before entering the code.
It’s worth double checking exactly what notifications are displayed on your lock screen.
It’s totally possible to avoid (most) malware or security issues with a bit of common sense, and Android’s inbuilt protections.
But sometimes having extra security options can be a good thing. It’s easy to, with loads of free and paid apps available.
The problem is picking the best ones. To help out, we got hands on with the top security apps, as recommended by AVTEST.
We then culled that down to just 5 – the very best, as well as some other solid options.
Many security apps seem great, but always have some sort of catch. It might be reduced functionality, ads, or just that they are not very good.
Not Sophos. It’s totally free for personal use, and instead the company makes its money from the commercial side of the app.
Sophos includes security features such as malware scanning, real time protection from dodgy websites and SMS attacks, app passwords, phishing, tracking, app permission checker, and a call and text filter.
In testing by AVTEST, the Sophos app managed to spot 100% of the Android malware.