Tread carefully when it comes to Android security products – and never take an app provider’s claims at face value. In light of recent research showing that the majority of antivirus apps are pretty much useless, these messages are more relevant than ever.
Here’s why many antivirus (AV) apps can end up doing you and your phone more harm than good…
What the researchers did…
Austrian Antivirus testers, AV-Comparatives took a sample of 250 antivirus security apps by an assortment of developers found on the Google Play Store.
Through the company’s automated Android testing framework, the 250 security products were tested against the 2,000 most common Android threats of 2018 (testing took place in January 2019). As these were established threats, you would expect them to have been indexed, identified and blocked by any antivirus software worthy of the label.
The researchers defined the threshold between a legitimate antivirus app and one that was ineffective or unsafe as the ability to detect more than 30% of threats with zero false positives.
What they found…
For the 250 apps under the spotlight, here’s what was discovered…
Only 80 apps passed the basic test, detecting more than 30% of threats with zero false alarms.
Apps from 138 current vendors failed the test - either because they detected less than 30% of the malware samples, or because they gave a high rate of false alarms.
A further 32 apps had been removed from the Play Store in the time between the testing and publication of the research.
Overall, just 23 apps detected 100% of the malware samples.
A 100% success rate should be the norm
Of the products that failed the test, around half did so because of their low malware detection capabilities.
A benchmark of 30% success rate really isn’t asking a lot. After all, it’s not as if the researchers were expecting the products to pick up on new and previously unseen threats. The 2,000 malware strains used in the research had been present in the wild well before the testing took place - so any antimalware software worth its salt would be able to detect them as a matter of course. As the researchers point out, within these testing conditions, a detection rate of 90% and above should be “easily achievable”.
Beware the false positives
Same products, different packaging
Scroll through the Google Play Store for AV software and it seems as if you are spoiled for choice.
But look a little closer and lots of these apps are in fact remarkably similar to each other. It’s because many of them are put together using the common same white label AV app coding template.
Some products also make use of AV engines from established vendors and rebrand them as their own. You’d expect these variants to perform as well as the originals - but this isn’t always the case. The researchers suggest that this could be due to issues with the use of older engines, variations with internal settings and problems with implementation.
Why build a garbage app?
If it isn’t going to do a decent job, why put your AV app out there?
For some developers, it’s a matter of kudos: an Android AV app looks good as part of your wider product portfolio - even if it isn’t actually any good.
Others are no doubt driven by the same objectives as many other spammy app producers: the chance of picking up a couple of dollars from unsuspecting customers, or else as yet another platform for harvesting data, pushing ads and other content.
The best antivirus for android mobile
Most of us have a playbook for telling good from bad apps. This usually involves checking the number of downloads and star rating - along with a quick glance at the user comments.
When it comes to Android AV, you need to tread a little more carefully. After all, a 4 or 5 star rating might just mean that the users are not experiencing any performance issues with the software (while, unknown to them, the app is in fact doing little or nothing to block threats). Also, an app might be downloaded many times before the fact that it’s useless comes to light.
Of the 23 apps that came out on top, most were created by well-established companies (the likes of Kaspersky, McAfee and Symantec). So if you are looking for Android AV that actually works, look for evidence of independent effectiveness testing (above and beyond user reviews) - and stick with the names you know.
For a deeper dive into antivirus and its effectiveness, lack there of and the potential security risks of AV. See Volume 4 of The Complete Cyber Security Course.