Why there’s no antivirus for iOS

September 10, 2018

It might seem strange that Kaspersky Lab doesn’t offer an antivirus app for iOS, but there’s a good reason: Apple doesn’t allow any proper antivirus apps into the App Store, saying “Apple designed the iOS platform with security at its core” and that the operating system does not need an antivirus utility.

That sounds rather arrogant, but it’s not marketing nonsense: Apple iOS is indeed designed to be very secure. iOS apps are executed in their own sandboxes — secure environments that seclude the apps, keeping them away from other apps’ data, not to mention from tampering with the operating system’s files. Under iOS, a wanna-be-malicious app won’t be able to steal or compromise anything; it won’t be permitted outside its own sandbox, where only its own data is stored and processed. That’s really helpful in terms of security.

In addition to that security measure, Apple restricts installation on iOS devices to only those apps from the official App Store (unless somebody — be it your company admins or a malefactor — has an enterprise developer account that lets them use Mobile Device Management [MDM] to install apps from third-party sources). The company has really tight control over what is allowed into its store, reviewing the code of all apps before approving anything. Connecting the dots, that means that someone would have to develop a malicious app for iOS and then get it through official review before it had a chance of making it onto an iOS device.

Of course, the above is true for nonjailbroken iOS devices only — but the majority of iPhones and iPads aren’t jailbroken, mostly because modern versions of iOS are very secure, and there is no known way to jailbreak them.

Those very same limitations mean antivirus apps can’t actually be created for iOS: To work at all, any antivirus solution has to be able to watch what other apps are doing and intervene if an app’s behavior is suspicious. You can’t do that in a sandbox.

What about the security apps in the App Store?

Search the App Store and you will find things called Internet security apps. These apps have two things in common: They are not antivirus apps, and they tend to get bashed in user reviews for that reason. As we already said: A proper antivirus solution cannot run in iOS. These apps are not antivirus utilities, even if they have antivirus engines embedded, they are not allowed to scan other apps and their data. That point typically appears in reviews by knowledgeable users, who bash them for not being actual antivirus apps.

What do those apps really do? Are they fake? Well, no — and they may contain useful security features such as antiphishing and antitracking modules, VPNs, parental control utilities, password managers, ad blockers, antitheft solutions, or any combination of those.

All of those features are helpful — and related to security and privacy — but calling the combination an Internet security suite is confusing and misleading for users. It’s an unspoken rule that antivirus should be a key component of any Internet security app. That’s the very reason Kaspersky Internet Security for iOS simply doesn’t exist: We wouldn’t mislead our users. But all the aforementioned features are actually useful, and that’s why we have something else for Apple’s mobile operating system.

How to stay safe in iOS

Apple really did engineer iOS with security at its core, but that’s not enough to call it an absolutely secure operating system. Every once in a while, cybercriminals find new ways to exploit vulnerabilities in iOS or fool the Apple personnel who review apps.

Those ways have included poisoning the Xcode development kit so that innocent-looking apps created with it became malicious, or having an app check for location and not run the malicious code in the US, letting the attackers slip in under Apple’s radar and right into the App Store.

So, having an iOS antivirus app sounds like a great idea, but unfortunately none exists and none can be created as things stand. Luckily, malware for iOS is very rare at the moment, so your odds of encountering any are low. (Again, that is true unless you install an MDM profile, because after that, your device can be fully and remotely controlled from the server of the organization that issued the profile. So for nonenterprise users, avoiding MDM certificates is the main security principle under iOS.)

No malware, no problems, right?

Unfortunately, malware is not the only threat out there. Let’s not forget that other threats are just as real for iOS users as they are for everyone else. Those threats include phishing, spam, network data interception, and so on and so forth, not to mention privacy threats. That’s why every iOS user needs to know cybersecurity basics (we have a post on that). We also recommend iOS users in particular use security services such as Kaspersky Security Cloud.

Despite not having an antivirus engine, Kaspersky Security Cloud for iOS provides some very useful security enhancements such as a built-in VPN that offers to activate itself when it finds the connection is not secure, notifications about relevant security incidents, and a tool that checks for weak system settings. We round those out with our Password Manager and, in the Family version, Kaspersky Safe Kids, our advanced parental control tool. That should keep you on the safe side.