Mobile security should be a top priority for any smartphone user. Phones have quickly evolved in recent years to store and share our most sensitive data. Whether managing our finances, social life, or business info, these devices have valuable data that malicious actors can profit from. To stay safe, you’ll have to select devices and apps that focus on security.
Many users are not prepared for the risks that come with using smartphones as a central touchpoint for all their important data. While much of the weight does fall on users to behave safely, an equal duty remains on device and software developers to design secure platforms.
In this article, we’ll explain smartphone security across the main mobile operating systems.
The Scope of Mobile Security Threats
Mobile security continues to rise in importance with each passing year. The Internet of Things (IoT) is the largest factor in this importance, connecting everything from our wallets to our home security systems to our phones. The growth in phone-centric technology opens all endpoint users and businesses alike to dangers.
Among the threats to user safety, these are some of the most common:
- Malware attacks — such as Trojans , spyware , and viruses .
- Cyber scams — like phishing and social media scams.
- Malicious data breaches or leaks — via brute force attacks and malicious insiders etc.
- Users with weak or unused security features — like passwords and privacy settings.
- Software or hardware with security weaknesses — such as zero-day vulnerabilities.
Trojan Malware on Mobile Devices
Notably, Trojans are the most prominent mobile threats — they constitute over 95% of mobile malware. Over 98% of mobile banking attacks target Android devices, which also comes as no surprise. Android is the most popular mobile platform in the world (over 80% of the global smartphone market). Also, Android is the only popular mobile platform that allows users to side-load software.
Dangers of Convenience over Security
Of course, the threats extend far beyond just Trojan malware. But just like the Sberbank Trojan incident, many of these threats slip by users. To make matters worse, smartphone security is unfortunately not as prioritized by users as it should be.
Many users choose to focus on convenient use and ease of access over their privacy and safety. As more users begin to work from home and the gap between work and personal devices closes, the concern over compromised devices is growing. Especially with “bring your own phone” (BYOP) device use being authorized to cut costs in the workplace, unsecured devices give criminals an easy door to highly sensitive information.
Despite the security risks of ever-expanding convenience, modern technology continues to make phones a central hub of data and connectivity. Fortunately, smartphone developers are doing their part to help make this space safer for all parties involved.
Compare Mobile Security: iOS vs Android Security vs BlackBerry vs Windows Phone
Choosing a secure mobile platform will set the tone for your smartphone safety. But how secure is each phone platform? Mobile devices have become both integral and ubiquitous in everyone's lives, and so they have attracted the interest of criminal hackers eager to steal your vital information.
If you’re like most users, you probably have one of two operating systems for your smartphone: Google’s Android or Apple’s iPhone iOS. Users of these two types of phones often debate about which is better. Users also tend to overlook other offerings on the market, such as Blackberry and Windows Phone.
Overall, many more people are buying and using Android phones: 74 percent of the market has this OS on devices, according to Forrester Research. Apple phones make up about 21 percent of the market, and Windows phones lag far behind with 4 percent, Forrester Research reveals.
Commonly, users will ask, “what is more secure Android or iOS?” The truth is a bit more complex than a simple statement of the superiority of one brand over another. This question also excludes a whole other section of the phone market that should be factored in when considering secure mobile platforms.
Some users prefer design features and ease of use, while others focus on cost and security. In an iOS vs Android security comparison, it’s important to consider what actually makes a mobile platform safe. It’s also important to consider the other major options on the market beyond these two top platforms.
Android OS Phone Security
Android security has a questionable security reputation, mainly because no one owns it. In other words, no one regulates what can or cannot be offered as an Android app, or even what can be sold as an Android phone.
With hardware and OS development done in relative isolation, it seems only the larger names on the Android phone market receive a reasonable lifespan of supported OS updates. For more obscure models, OS compatibility may be much shorter. By association, app compatibility usually ends with an outdated OS. Security risks also accompany the larger market share and the open-source OS offered by Android. These give hackers the tools and potential payoff to target Android systems.
Fortunately, Google constantly works to provide security to Android users. More importantly, users can have full control over their own privacy and security by customizing their Android.
Most users will be able to secure Android phones by keeping it updated and avoiding downloading apps of unknown or doubtful origin. In addition, choosing more mainstream Android devices will help your chances of remaining in the OS support cycle. As an additional precaution, products like Kaspersky Antivirus for Android provide malware protection on your phone.
On the business end, more recent Android devices support Google's Android for Work — designed to protect workplace applications and uses. Also, recent Android devices from Samsung support Samsung's own Knox security technology.
Apple iOS Phone Security
Apple's iOS mobile operating system is tightly controlled by Apple itself, which also tightly controls the apps available in the Apple App Store. This control allows Apple devices to offer good security "out of the box," at the price of some user restrictions.
For example, iOS only allows one copy of an app on each device. So, if a user has a company-provided security-restricted copy of an app, the user cannot also have an unrestricted version of the same app for personal use. Customizability is more restricted with iOS as well, with everything from the phone’s appearance to app functionality having to fall into Apple’s design rules.
iOS users will find themselves limited to Apple-approved devices and apps, which is a positive for streamlining security. With limited touchpoints across the whole ecosystem, Apple can provide support to each of their devices for a longer lifespan than platforms with hardware-OS fragmentation. Apple’s smaller platform means even older phones may still be able to run the recent OS and apps, reaping all the benefits of new security fixes in the process. iPhone security, as a result, has gained a “safer” reputation among users.
Additionally, the closed ecosystem only permits apps that don’t access the phone’s root coding, which reduces both the need for iOS antivirus and makes an iOS antivirus impossible to create for App Store approval.
However, iOS is not invulnerable to malware attacks. If Apple misses any vulnerabilities or chooses certain undesirable approaches to security, you will have little to no control over this.
Windows OS Phone Security
Windows Phone also has a degree of centralized control, but has a history of security weaknesses, though its performance is improving as more and more users are coming onboard.
That said, support for the Windows Phone infrastructure has largely ended as of early 2020. Windows Phone 8.1 OS, Windows RT, and Windows 10 Mobile are no longer supported with updates or native app support. Windows 10X is the only phone OS slated for a potential future release but currently is not available.
Previous phone hardware models are not developed anymore either, leaving the market void of any security fixes for existing products. With the future of new Windows phone products in question, there is currently no established security upkeep for the platform.
Blackberry OS Phone Security
Blackberry has been known to also tightly controls devices and apps. Moreover, it is built for MDM, making it easier for a company to manage and protect its devices.
However, Blackberry OS and its successor, Blackberry 10, have unfortunately become outdated over the past decade. Specifically, Blackberry 10 is on the tail end of its support lifespan while Blackberry OS has been unsupported with updates since 2013.
Blackberry no longer makes phone hardware — and Blackberry-branded phones by TCL Communications will halt sales in August 2020. This ultimately leaves older business and personal phones open to zero-day exploits.
Mobile Operating Systems (OS) — Pros and Cons
No one device or operating system is the definitive "best" when it comes to security. How secure your smartphone is, depends on your personal or professional needs and level of tech fluency.
Here is a breakdown of the pros and cons of each type of device, along with a few things to think about when making your decision:
Android OS Phones
- Pro: Highly configurable; you can fully control your privacy settings.
- Con: Lack of standardization means weak "out of the box" security.
- Tip: Best if you are comfortable with adjusting security settings and tools.
Apple (iOS) Phones
- Pro: Consistency and reliability; you know what you are getting.
- Con: Not invulnerable to malware; heavily dependent on Apple security practice. Also, while Apple products are generally priced higher than the Android, they don't guarantee 100% security and are still vulnerable to malware and hacking.
- Tip: Probably the simplest choice for "pretty good" security.
BlackBerry OS and Blackberry 10 Phones
- Pro: Designed to provide industrial-strength enterprise security.
- Con: You will probably need a separate personal device, which may come with its own security issues.
- Tip: Likely not recommended due to the dwindling support for Blackberry hardware, OS, and app support.
Windows OS and Windows 10 Phones
- Pro: Compatible with Windows; steadily improving security performance.
- Con: History of uncertain security performance in the past.
- Tip: Not recommended due to outdated support; may change if Windows releases a new phone and mobile OS.
Each smartphone option has mobile security strengths and limitations. How you use your smartphone — and how comfortable you are with adjusting its security settings — will play a big part in deciding which is the best choice for you.
There is no doubt that this debate will continue as more devices come on the market, and increased security measures become more and more important.
How to Keep Your Phone More Secure
Be aware of OS Security Updates
OS updates are a common point of debate when discussing iOS vs Android security. The concept extends to other platforms like Blackberry and Windows Phone as well.
Notably, Android users generally tend not to update their phones to the latest OS. The Android 9 OS, also called Pie, was released in August 2018; as of late 2019, it had an adoption rate of just over 20%. This is in contrast to Apple iOS 13’s adoption rate of 50%. This makes Android users that much more vulnerable.
Update adoption is also complicated by the fact that handset manufacturers and network providers can customize the OS. These entities may not release updates in as timely a manner as Google does. Incompatibilities with more fringe third-party phones can further hinder the adoption of new OS updates.
Android malware accounted for the biggest share of all mobile threats in 2018. To combat this issue, Google has begun requiring smartphone manufacturers to patch malware vulnerabilities in software within 90 days of their discovery. Regularly downloading these updates to Android smartphones is a good way to prevent cyberattacks.
But ultimately, choosing a well-supported platform will further ensure you’re protected from cyberthreats. Each decision towards picking your OS and phone hardware will be essential in defining your mobile cybersecurity.
Final Takeaway — 10 Tips for keeping your mobile phone safe and secure
- Stay on native app stores and stay off third-party app stores. As a rule of thumb, you should stick to the Apple, Google Play, or Microsoft stores. Even in the official stores, you should be reading app reviews and searching trusted sites for more information.
- Never download apps without verifying their safety first. Most phones have settings that allow you to verify any apps coming from unknown sources before downloading. However, always find and read reviews to prevent suspicious apps on your device.
- Always update to the latest OS version as soon as possible. Security patches included in these updates are critical to your phone’s security. This simple process can stop entire families of malware from winning the battle of your data wars.
- Consider replacing your phone once it is unsupported by the OS. Outdated phones are teeming with unpatched exploits that hackers intentionally seek out and abuse. Getting a newer, supported phone will help you keep yourself protected from a data breach .
- Set up remote data “wiping.” By allowing remote data deletion, you can log into a web service via any internet browser and clear your phone of all data. This is an essential service if your device is ever lost or stolen.
- Do not disable or bypass data protections from your employers. On devices used for business purposes, your workplace IT staff have likely installed security protocols that protect sensitive data. These can be inconvenient but are essential for the safety of yourself and your employer.
- Enable password protection on your OS, apps, and services when possible. All information can be used to compromise your security — no matter how seemingly insignificant. Complex passwords stored in a password manager will help you stay safe.
- Turn on multifactor authentication. Whether you’re using a password plus biometrics — such as fingerprint scanning or facial ID — you’ll want more than one layer of account credentials. Passwords alone leave you open to brute force attacks and more.
- When in doubt, always choose security over convenience. As frustrating as some protections can be, identity theft is always worse. An extra layer of defense might cost you a few seconds from your day but saves you thousands in time and money spent repairing the damage done to your life by hackers and other cybercriminals.
- Consider investing in other technologies that help protect your private and personal data . Virtual Private Networks (VPNs) are an excellent way of securing your mobile devices. With a secure VPN connection installed, you can transmit banking information, credit card data, and other personal information over unsecured Internet servers with less concern.
Ultimately, the question of which platform to choose comes down to your choice of compromise between freedom-of-use and the likelihood of being a hacking target.
There is no clear answer to the question of “which is safer iOS or Android?” With technology always having some sort of weaknesses, there will always be the chance that you’ll be a target. So, it’s up to you to ensure you’re using safe practices and always re-evaluating the companies you trust your data with.