04.04.19

Is your Android AV software putting you at risk?

Android is the world’s most popular consumer operating system, powering billions of phones, tablets and other internet-connected devices. Since its earliest days, though, the OS has had a reputation for being less secure than its primary competitor, Apple iOS.

The main reasons behind this perception have included the extensive permissions in the Android API that app developers can take advantage of (translation: Android apps can access more system data and functionality than their iOS counterparts), plus the availability of third-party app stores that don’t provide the same security assurances of Google Play.

Is your Android AV software putting you at risk?
Vendors such as Total Defense are dedicated to cybersecurity and have a track record of success in protecting devices from harm.

In response, a huge Android-specific antivirus software industry has emerged. Protective apps often promise to clear your device of security threats, thereby keeping your data safe while also potentially improving system performance that had previously struggled because of an infection. But do they actually do what they say on the tin?

Threat detected: The danger of fraudulent Android AV apps

By and large, no. A recent investigation by AV-Comparatives of 250 such apps available in Google Play found that only 23 of them – including Total Defense’s solution – had 100 percent detection rates with no false positives. The rest were completely ineffectual.

Some apps actually flagged themselves as malware, due to the simple oversight of not including their package names on the whitelist of safe apps that they use. Any software developer making such a basic mistake is not worth trusting, especially in a high-stakes domain such as cybersecurity.

Moreover, many of the fraudulent apps are essentially just engines for displaying ads. They consume bandwidth, drain battery and collect your data without providing any real benefit.

Although not examined in this particular study, Android virtual private networks (VPNs) present similar risks. A VPN should be a good way to protect the privacy of your internet connection. However, many vendors make it difficult to discern if they log your activities (which would defeat the entire purpose of the VPN. Even big companies like Facebook have been caught leveraging their VPNs as spyware.

How to determine if Android AV software is legitimate

There are still worthwhile Android security apps out there – so how can you distinguish them from all the fakes? Here are a few tips to keep you on track:

Check the developer’s other apps

Fraudulent AV software is often the product of a fly-by-night operation or a company that doesn’t even specialize in cybersecurity. The best way to determine this is by checking what other apps the developer has published to Google Play.

Stick with an established vendor

Vendors such as Total Defense are dedicated to cybersecurity and have a track record of success in protecting devices from harm. You can trust what they are offering far more than a less prominent seller that might simply be looking to serve you ads or harvest your data.

Be careful with ‘free’ products

If a security app is free – i.e., it requires neither a payment in Google Play nor an activation key tied to a paid subscription – tread carefully. In addition to having an exclusively ad-supported business model, they usually won’t offer the full range of protection you need to keep mobile threats at bay, just as the AV-Comparatives security researchers discovered in their wide-reaching assessment.

To learn more about how Total Defense can protect your Android device, visit our Mobile Security page today.