It’s a common misconception that any Android phone you purchase will inevitably be afflicted by crippling malware. But while it’s true that smartphone manufacturers and wireless carriers alike need to take security updates more seriously, it’s also true that malware exists on every platform, and it’s pretty straightforward to protect yourself against most risks. Even more encouraging? According to Google’s annual report on the state of Android security, the operating system’s security is much better than you think.
The report explains that in the past year, Google has made big improvements to its machine learning and event correlation technology, which has helped it to better detect potentially harmful behavior. The company checked more than 6 billion installed apps each day and protected users from network-based and on-device threats by scanning 400 million devices per day. Additionally, Google protected hundreds of millions of Chrome users on Android from unsafe websites.
The company has also made it more difficult for potentially harmful apps to make their way onto the Google Play Store, and it estimates that those efforts reduced the probability of installing such an app by more than 40% as compared to 2014. Within the Google Play Store, install attempts of most types of potentially harmful apps declined. Install attempts for apps guilty of data collection decreased more than 40% to account for 0.08% of installs. Install attempts for apps with spyware decreased 60% to account for 0.02% of installs. And install attempts for “hostile downloader” apps decreased 50%, accounting for just 0.01% of installs.
Overall, potentially harmful apps were installed on 0.15% of devices that only get apps from Google Play. About 0.5% of devices that install apps from both Play and other sources — places where you really shouldn’t download Android apps — had a potentially harmful app installed during 2015. Google tries to protect users who install apps from sources other than Google Play, verifying apps before they’re installed, warning users about potentially harmful apps, and continually checking devices to ensure that all apps are behaving in a safe manner.
Android Marshmallow introduced an array of new security protections and controls, from full disk encryption as a requirement to updated app permissions. Additionally, Google has engaged with security researchers who find vulnerabilities in the operating system, launched a monthly security update program — which is something of a work in progress, as many Android devices aren’t getting the monthly updates that Google wants its partners to provide.
Mark Bergen reports for Re/Code that while Android has had a tough year in the headlines — with numerous reports pointing to damaging holes in the open operating system and placing the blame on Google — the company contends that the data offers a different picture. Adrian Ludwig, Android’s lead security engineer, tells the publication that “There is a fairly big disconnect between what’s in the data and what’s in the public discussion.”
Bergen notes that Google’s efforts to improve the process for pushing security updates to Android phones are aimed at reforming a laborious process, since “Android’s best asset — its openness — is also its biggest vulnerability, as it forces Google to update software in cooperation with a myriad of hardware and carrier partners, which are often less equipped (or concerned) than Google on security.”
Google is gradually taking more control, and on Android 5.0, it’s Google instead of the hardware makers that controls updates on the software for writing web apps. According to Re/Code, the key takeaway from the report is that Google is taking security seriously.
While Google’s focus on security reportedly wasn’t influenced by Apple’s case against the FBI, the report does seem timely given the European scrutiny on Google’s practice of bundling its apps with the Android operating system. In light of those charges, it makes sense for Google to point out the safety of its own app store versus the security of alternative app stores.
However, The Wall Street Journal’s Nathan Olivarez-Giles points out that the safest Android users remain an unfortunately small minority. The safest are the 4.6% who run Android Marshmallow, which is the only version of the operating system to offer full-disk encryption and granular app permissions. By contrast, 84% of iOS users are running the operating system’s fastest and most recent version, iOS 9. Android is getting safer, but not enough manufacturers are yet issuing monthly security updates, and the only guaranteed way to stay up to date on Android versions is still to buy a Nexus device.