Does My Android Device Need Antivirus Software?

There’s a certain stigma surrounding Android devices, dating back nearly a decade since the platform first launched in October of 2008 with the T-Mobile G1 and Android 1.0. Despite having been worked on for years by Google, Android was unpolished when it launched that fall, especially when compared to iPhone OS 2 (the platform had yet to be renamed iOS, which would happen in the summer of 2010 with iOS 4). Apple’s mobile operating system had more than a year to prepare for the arrival of a true modern competitor, and it showed. While Android allowed for far more user freedom, including the ability to customize your phone with wallpapers (a feature that wouldn’t roll out to iPhone users for two more years) and support for hardware keyboards, iPhone OS 2 gave users access to a whole new suite of apps with the release of the App Store, along with major updates for system apps like email, calculator, maps, and contacts.

The freedom offered by Android extended to apps as well. Though Android offered an app store of its own in the Android Market (later renamed Google Play), the platform also offered full freedom to anyone looking to sideload apps from third-party sources like online app stores and APK markets that gathered legal (and sometimes illegal or pirated) copies of applications that could be downloaded and installed directly to your device, similar to how Windows manages its app installation process. While this allowed (and still allows) for more flexibility when it comes to the apps on your phone, it also can make it easier for malicious users online to take advantage of unsuspecting.

 

All that said, modern versions of Android ship from Google with a pretty locked-down, safe ecosystem if you know what you’re doing. Yes, Google’s popular mobile operating system is still weaker to exploits than other smartphone OSes, namely iOS, but with that security risk comes a greater sense of freedom when using your devices. You don’t have to get your apps from the Play Store if you don’t want to, which allows you to take your business to the app store of your choosing. The apps you do grab from there typically have to go through less content control than what we’ve seen from similar applications on the iOS side (though by no means is modern Google Play a complete ‘wild-west’ scenario). Typically, apps approved by Google or Amazon, the creator of the second-largest app store on Android, are good to go in terms of viruses and unwanted malware (though some apps may be unoptimized and run poorly on your phone).

Of course, every now and then, you may have reason to believe that your phone has been infected with a virus. It’s unlikely, with the culprit more likely being a rogue application, but it’s always better to err on the side of caution. There are a multitude of applications and utilities on Android that promise to remove viruses and other dangerous apps from your phone, but not all of them are created equal—in fact, some of those apps are just as bad as the viruses they intend to cure. So, let’s start right from the beginning. In order to remove and protect your Android phone from viruses, it’s important to understand exactly what others mean by “virus,” how viruses work on Android, and what the apps intended to remove viruses from your phone actually do. Without further ado, it’s time to dive into the world of “viruses” on Android.

The Basics of “Viruses” and Malware on Android

The word “virus” gets thrown around a lot in the world of personal technology and computers. In the late 1990s through the late 2000s, the word was typically used to refer to Windows PCs as havens for viruses, spyware, malware, trojans, and all other sorts of dangerous and illicit programs that would end up on computers without the user’s permission. Windows XP is infamous for its weak security, and indeed, attacks still occur on Windows XP-based platforms in 2017: WannaCry was a massive ransomware attack that hit businesses in May of 2017 and caused Microsoft to push an emergency update out for the nearly-sixteen year old operating system.

Apple, the company behind the Mac, iPod, and iPhone, often took advantage of the weaknesses in security of its closest competitor. The Get a Mac ad campaign of the 2000s were infamous for their attacks on Windows platforms known for their bugs and openness for viruses. And indeed, while Macs can and do get their fair share of viruses and malware, attacks happen at far lower rates than on competing platforms due to increased security on MacOS as a platform, and because MacOS has a far lower adoption rate than Windows. In the eyes of hackers and rogue developers, a bigger audience means a bigger target.

It’s been a long time since Windows was as dangerous as it was in the 2000s. Updates starting with Windows 7, and especially in Windows 8, 8.1, and 10, all brought additional security. Apple continued to crack down on dangerous software, keeping the iPhone and other iOS devices locked behind a walled garden, and making it difficult to install unsigned software on a Mac without diving deep inside the settings menu. But what about Android?

The reason to spell out the story of viruses on Apple and Microsoft products is simple: in many ways, the product history is nearly identical. Android, upon release, was infamous for its poor security when compared to Apple and the iPhone. With Android, Google preached openness above all, but as is typical when something is entirely unprotected from outside threats, some of those dangerous elements crept their way into the operating system, feasting and praying on users who were new to the smartphone market. And Apple, not one to sit on their laurels, used the topic in advertisements for the iPhone and iOS as a whole. As with most platforms, it’s the same story every time, repeated over and over again.

But there is a difference here: unlike on Windows, Android doesn’t really get viruses anymore. That doesn’t mean the dangers of Android are entirely eliminated, but the traditional “virus” as we’ve come to know it doesn’t exist on Android. Despite the fears of dangerous, “hacked” applications, Android, like iOS, operates in a sandboxed environment that prevents applications and code from modifying and spreading itself throughout your phone and onto the phones of others. On top of that, Google has stepped up their security measures a lot in the intervening years since launching Android 4.0 in 2011, and their efforts are notable; for instance, Google has committed to pushing out

Despite this, when you hear someone say their phone has been “infected with a virus,” or you’ve come to think there’s something wrong with your phone and its virus-related, they (or you) aren’t actually far off from the truth. Android has been known to have a serious malware problem, and malware can very easily be confused with a virus. Malware (‘mal’ coming from the Latin word for ‘bad’ or ‘badly’ and ‘ware’ coming from ‘software’) is a piece of software or an application that is designed to damage or disable parts of your computer or phone. And these things exist in various forms: spyware, adware, and ransomware are all variations on malware. They can track you, push unlimited, invasive ads in your face, and even disable parts of your phone or computer until you pay a specific fee to “unlock” your computer. So, malware (again, often referred to as a virus, even if they are slightly different variants of software) does exist for Android—even if its existence on the platform has been a little blown out of proportion.

What Protections Exist in Android Already?

In March of 2017, Google released a 2016 Year in Review for Android security, highlighting the changes made over the year that helped improve security on Android phones in general. In addition to security features that were built into Android Nougat to improve the operating system as a whole (and considering most phones on the market are still shipping with Android Nougat, with updates to Oreo in the pipeline, it’s important to note that Android 7.0 is actually fairly secure, despite its age). Since Android phones are designed out of the box to only allow users to install apps from Google Play, Google was able to announce that only 0.05 percent of phones with apps only installed from Google Play were exposed to a potentially harmful application. Still, with over two billion Android phones active and in use as of 2017, that’s still a million phones that were exposed to those PHAs (as Google likes to abbreviate).

Google has also said that they keep a close eye on app installations that show improvement year over year. The Verify Apps program conducted 750 million daily checks in 2016, according to Google, and the 2017 numbers (which will likely be released this March) will hopefully show an even larger number. When comparing 2016 to 2015, Google stated that trojan, hostile downloaders, backdoors, and phishing apps all dropped in downloads by anywhere from 30 percent to a huge 73 percent year over year, and again, the 2016 to 2017 numbers should show yet another increase. The full statistics can be viewed at Google’s site here.

Earlier, we mentioned the recent commitment by Google and other Android manufacturers to monthly security patches, and it sounds like this has been a success. In 2016, 750 million devices received monthly security patches from over 200 manufacturers, which is a pretty astounding number when you consider how many makes and models of devices there are on the planet for Android phones. These security patches have been instrumental in helping to keep Android phones safe and secure from threats, and you’ll want to ensure that you’re doing everything in your power to keep these updates applied on your phone. When these patches reach your phone depends on the manufacturer and model, but most modern Android phones have a fairly good reputation of reaching users in a timely fashion. Still, if you’re looking to know whether your phone is one that receives standard security updates, here’s a quick guide to the major manufacturers, courtesy of Google in June of last year.

  • Google: Google’s Pixel phones receive updates pushed directly from Google, including the standard monthly security patch. With a Pixel phone, you’ll basically always be up to date with the newest Android software.
  • Samsung: Samsung is actually pretty solid at shipping security patches for their phones. You should expect all of their major flagship devices to receive security patches for a full two years, typically pushing out a couple weeks later than Google’s own patches (largely due to carrier approval). Still, Samsung phones are largely kept up to date, and you won’t go wrong with one. The company also has a full site available here that features an up to date list of supported phones.
  • LG: LG manages to keep their flagship G6 and V30 up to date with security patches, along with the V20 from 2016 and some of their lower end devices (most notably the Stylo 2V), so purchasing a flagship device from LG is the way to go to ensure that your software is up to date. You can view their independent security website here to see what devices are supported and what’s being fixed in each patch.
  • Motorola: Unfortunately, Motorola is lacking in the security patch area. Back in 2016, Motorola confirmed to Ars Technica that they wouldn’t commit to monthly security patches. Though they do push out security patches to their Z-series, G-series, and X-series of phones relatively regularly, they’re often far slower than their competitors. The Z-series gets priority over the better-selling, budget G-series as well, which is important to note if you’re trying to purchase a phone with solid update records.
  • HTC: HTC has slowly been pulling away from the market, choosing most recently to not make their U11 Plus not available stateside, but that doesn’t mean the company is completely out of fans here. Still, HTC’s track record is seemingly mixed when it comes to pushing out regular monthly security patches. In 2015, they claimed that monthly security patches were “unrealistic” in a statement, and the company also made a point to hide the monthly security patch date on their 2016 flagship, the HTC 10. HTC does push out security updates from time to time, but like Motorola, their track record is mixed at best.

Generally speaking, Google, Samsung, and LG are better at security patches than their competition, with Sony also fairly confident in pushing out regular updates (Sony, unfortunately, has a miniscule impact on the United States market as a whole, and has largely been missing from the west for years). Motorola and HTC will patch their devices, but irregular schedules and a lack of any sort of commitment on the companies’ parts makes it difficult to recommend over phones from Samsung, LG, and especially Google, which will always be first to updates and patches. If you’re worried about mobile security on Android, those are the three companies you should look to pick up. Honorable mentions, however, do go to Blackberry. Since switching to Android, the company has done a fairly solid job at keeping their devices safe and secure, an important note considering their past of supporting business customers with privacy and security.

Do I need a Mobile Virus Protection Suite?

The answer, in most cases, is no. Most of the virus protection apps we’ve looked at on Google Play don’t do much. Though there are plenty of big names on the Play Store when you search for antivirus software (Norton, AVG, McAfee, etc.), you really don’t need the protection they offer. Each of these apps promise to scan your phone for actively malicious software, but the problem is that, outside of surface level threats, these apps can’t scan anything on a root level unless your device is rooted. If a security threat is hidden within the root level of your phone, trying to use these mobile apps won’t do anything but give you a false sense of security, something that can be masqueraded simply by keeping track of the content you download properly.

Still, we’re sure some readers might be under the assumption that downloading a mobile virus protection suite will, even on the surface level of your device’s file system, have some proper effect on protecting the device. Unfortunately, in many cases, keeping a useless virus suite on your device can cause your battery to drain, your processing power to be eaten, and your phone generally slowed down as a result of keeping a virus protection application running in the background of your phone. In actuality, these apps can cause your phones plenty of issues in the long run, and generally aren’t efficient at solving problems related to viruses on Android. They don’t do nothing—apps like Norton will scan your app installs for security, as well as your downloads through Chrome or an alternate browser—but as we’ll point out below, Android already has plenty of those security provisions built in.

You’ll likely notice that most of the antivirus apps on Android aren’t just built to protect you from viruses. This isn’t an accident. By their own admission when speaking to Android Central, Symantec’s Director of Symantec Security Response Kevin Haley stated, “Even security companies know the risk is low — that’s why apps are packaged with other selling points.” These apps often have other utilities baked in, like battery monitors, cleaning utilities, private photo locks, and more. If you want to use these utilities, you absolutely can, but we’d still suggest finding independent apps for all of these use cases, as opposed to using the ones baked into an Android antivirus suite.

What Should I Do Instead?

When it comes to Android, the safest defense is common sense. Outside of a cute rhyme, there’s reason to this as well. If you’re truly worried about mobile security—and by no means are we saying you shouldn’t be—it’s important to practice safe choices when using your phone. A good starting place is to limit your apps to the Google Play Store. Not only is the Play Store the largest available market for phones today, it also happens to be the safest place to download apps. We mentioned above that Google Play isn’t infallible to security threats, however, which is why it’s important to use the Google-approved equivalent to a mobile virus suite: Google Play Protect.

Play Protect is installed within the Play Store and works in the background. The service regularly checks both your apps and your device for harmful behavior, just as any Google Play-approved virus software would do, but without additional software, processor slowdown, or battery drain. If you’ve seen this wor For the most part, you’ll never have to interact with Play Protect, but if you’re interested in seeing what the app is doing, you can load up your device’s menu. There isn’t a whole lot of information to gain here, which in some ways is a good thing while using your phone daily. In addition to the option to learn more about Play Protect, you can see recently scanned apps (typically, this involves scanning your entire phone) and the last time Play Protect scanned your phone. If there’s an issue to address, Play Protect will alert you here; otherwise, you’ll see a display that reads “Looks good” (pictured above) and the option to rescan your phone manually. Finally, you can disable scanning security threats, and if you wish, you can enable the option to send unknown, non-Play apps to Google for better security detection.

Outside of Play Protect, it’s simply important to continue thinking of your phone as a computer, not as a separate device. The same security defenses you participate in on Windows or MacOS should spread to your mobile phone. Don’t click on links in email attachments or text messages you are unfamiliar with. If you’re visiting a strange and unsafe website, navigate away and delete any files downloaded to your device without opening them. Keep the option to install apps from unknown sources disabled on your phone to ensure you don’t accidentally install an unsafe APK file. Don’t root your phone either, as apps with root access can do far more damage than apps that cannot access your root file system. Ensure your phone is always up to date with security patches, and don’t just keep pushing the update back day after day. Finally, for phones running Android 6.0 Marshmallow or above (read: most modern devices), make sure to take every permission request seriously. If a basic flashlight application is asking to view your phone log and contacts, deny the app and remove it from your phone. Permissions are important to pay attention towards, as any app can request permissions on your phone to take advantage of the unsuspecting consumer.

***

Your phone is the most important computer you carry around on you. It’s a device with access to your bank account, your email, password managers, and so much more sensitive information that, should your phone ever fall into the wrong hands, it could cause some serious damage in your life. That’s why it’s important to treat your phone similarly to how you already treat your computer. Take care of the hardware you own, ensuring that it’s always safe from dangerous software and that the apps installed on your mobile device are all downloaded from the Play Store. In the end, you don’t need some special application on your phone designed to monitor your apps and downloads; Google’s already doing that for you. Practicing safe browsing and common sense is the best defense against dangerous apps online. Just follow some of the guidelines above, make sure your phone is kept up to date, and you’ll be on your way to a safe and happy mobile experience.

Posted by William Sattelberg on January 13, 2018

One thought on “Does My Android Device Need Antivirus Software?”

James says:
Why Android does not have its own antivirus, similar to MS Windows Defender in PC?
Reply

Leave a Reply

Your email address will not be published. Required fields are marked *