These days, you carry out a lot of your life on your mobile phone. With your phone linked to bank accounts, personal email, and sensitive company data, it’s important to choose a mobile phone that is secure. And if you’re looking for the most secure mobile phone, Android probably isn’t right for you. Here’s why Android phones are rated less secure than other mobile phones.
Android Is Open Source
Unlike the other mobile OSs, Android is open source. That is, anyone can look at the code and examine it to understand how it works and what might be its potential weaknesses. This is a huge potential risk. On its website, Android makes a big deal about how it counteracts the open-source risk, but it seems that in the real-world these strategies don’t seem to have made a big difference in the security of the OS.
Android Doesn’t Vet Apps
Part of being totally open source is letting anyone develop apps for Android, anonymously. This means that buying and downloading apps for Android is a big caveat emptor. The other operating systems are much better at this. On iOS, there’s a pretty vigorous vetting practice for apps to get approval, and it means that every app has a known provider. This dramatically cuts down on dangerous apps.
Most Malware Targets Android
Malware for all mobile phones has been growing even more dramatically than the popularity of the phones themselves, and most of that increase is aimed at Android. In the last quarter of 2012, 96% of all malware was targeting Android. And there’s more every day. Last quarter, the number of malicious and high-risk apps available for Android jumped to 718,000, up 41% from the previous quarter. Google is trying to deal with this by, for example, introducing Google Bounce to remove undesirable apps from Google Play in February 2012, but the number of malicious apps continues to grow.
Security Is Shoddy on Android
It’s your own fault if you’re among the 70% of Android users that doesn’t have any security software installed on your mobile phone. But that 70% unvaccinated rate helps malware spread quickly, which increases the risk that your phone will be compromised before virus updates get to your security program (unless your security app uses zero-day threat protection, for example mobile protection from Webroot).
But what’s a bigger problem is that Android itself is pretty poor about distributing security updates. Although Google fixes the updates quickly, it doesn’t push them out directly to consumers, so you may end up getting your phone infected via an exploit that has already been patched, just not on your phone.
It’s Harder to Remotely Manage Security Settings
Unlike Blackberry, Android isn’t really set up to allow companies to control the settings on their employees’ devices. This may be part of the open-source, fight-the-power mentality of Android, it is an important concern for companies that are providing Android to employees. Without the ability to control the way employees use their devices, any Android use has all the same risks as a BYOD.
The open-source approach of Android is an interesting social experiment in the ability of a completely open marketplace to police itself. If you’re careful and follow best practices, there’s no reason why your Android can’t actually be a safe mobile device, but it does come with (many) more potential risks than your other options.
Dr. Matthew Candelaria is a professional writer with more than five years' experience writing copy in industries such as law, medicine, technology and computer security. For more information about him and his work, visit writermc.com.