Mobile security should be a top priority for any smartphone user. Phones have quickly evolved in recent years to store and share our most sensitive data. Whether managing our finances, social life, or business info, these devices have valuable data that malicious actors can profit from. To stay safe, you’ll have to select devices and apps that focus on security.
Many users are not prepared for the risks that come with using smartphones as a central touchpoint for all their important data. While much of the weight does fall on users to behave safely, an equal duty remains on device and software developers to design secure platforms.
In this article, we’ll explain smartphone security across the main mobile operating systems.
Mobile security continues to rise in importance with each passing year. The Internet of Things (IoT) is the largest factor in this importance, connecting everything from our wallets to our home security systems to our phones. The growth in phone-centric technology opens all endpoint users and businesses alike to dangers.
Among the threats to user safety, these are some of the most common:
Notably, Trojans are the most prominent mobile threats — they constitute over 95% of mobile malware. Over 98% of mobile banking attacks target Android devices, which also comes as no surprise. Android is the most popular mobile platform in the world (over 80% of the global smartphone market). Also, Android is the only popular mobile platform that allows users to side-load software.
Of course, the threats extend far beyond just Trojan malware. But just like the Sberbank Trojan incident, many of these threats slip by users. To make matters worse, smartphone security is unfortunately not as prioritized by users as it should be.
Many users choose to focus on convenient use and ease of access over their privacy and safety. As more users begin to work from home and the gap between work and personal devices closes, the concern over compromised devices is growing. Especially with “bring your own phone” (BYOP) device use being authorized to cut costs in the workplace, unsecured devices give criminals an easy door to highly sensitive information.
Despite the security risks of ever-expanding convenience, modern technology continues to make phones a central hub of data and connectivity. Fortunately, smartphone developers are doing their part to help make this space safer for all parties involved.
Choosing a secure mobile platform will set the tone for your smartphone safety. But how secure is each phone platform? Mobile devices have become both integral and ubiquitous in everyone's lives, and so they have attracted the interest of criminal hackers eager to steal your vital information.
If you’re like most users, you probably have one of two operating systems for your smartphone: Google’s Android or Apple’s iPhone iOS. Users of these two types of phones often debate about which is better. Users also tend to overlook other offerings on the market, such as Blackberry and Windows Phone.
Overall, many more people are buying and using Android phones: 74 percent of the market has this OS on devices, according to Forrester Research. Apple phones make up about 21 percent of the market, and Windows phones lag far behind with 4 percent, Forrester Research reveals.
Commonly, users will ask, “what is more secure Android or iOS?” The truth is a bit more complex than a simple statement of the superiority of one brand over another. This question also excludes a whole other section of the phone market that should be factored in when considering secure mobile platforms.
Some users prefer design features and ease of use, while others focus on cost and security. In an iOS vs Android security comparison, it’s important to consider what actually makes a mobile platform safe. It’s also important to consider the other major options on the market beyond these two top platforms.
Android security has a questionable security reputation, mainly because no one owns it. In other words, no one regulates what can or cannot be offered as an Android app, or even what can be sold as an Android phone.
With hardware and OS development done in relative isolation, it seems only the larger names on the Android phone market receive a reasonable lifespan of supported OS updates. For more obscure models, OS compatibility may be much shorter. By association, app compatibility usually ends with an outdated OS. Security risks also accompany the larger market share and the open-source OS offered by Android. These give hackers the tools and potential payoff to target Android systems.
Fortunately, Google constantly works to provide security to Android users. More importantly, users can have full control over their own privacy and security by customizing their Android.
Most users will be able to secure Android phones by keeping it updated and avoiding downloading apps of unknown or doubtful origin. In addition, choosing more mainstream Android devices will help your chances of remaining in the OS support cycle. As an additional precaution, products like Kaspersky Antivirus for Android provide malware protection on your phone.
On the business end, more recent Android devices support Google's Android for Work — designed to protect workplace applications and uses. Also, recent Android devices from Samsung support Samsung's own Knox security technology.
Apple's iOS mobile operating system is tightly controlled by Apple itself, which also tightly controls the apps available in the Apple App Store. This control allows Apple devices to offer good security "out of the box," at the price of some user restrictions.
For example, iOS only allows one copy of an app on each device. So, if a user has a company-provided security-restricted copy of an app, the user cannot also have an unrestricted version of the same app for personal use. Customizability is more restricted with iOS as well, with everything from the phone’s appearance to app functionality having to fall into Apple’s design rules.
iOS users will find themselves limited to Apple-approved devices and apps, which is a positive for streamlining security. With limited touchpoints across the whole ecosystem, Apple can provide support to each of their devices for a longer lifespan than platforms with hardware-OS fragmentation. Apple’s smaller platform means even older phones may still be able to run the recent OS and apps, reaping all the benefits of new security fixes in the process. iPhone security, as a result, has gained a “safer” reputation among users.
Additionally, the closed ecosystem only permits apps that don’t access the phone’s root coding, which reduces both the need for iOS antivirus and makes an iOS antivirus impossible to create for App Store approval.
However, iOS is not invulnerable to malware attacks. If Apple misses any vulnerabilities or chooses certain undesirable approaches to security, you will have little to no control over this.
Windows Phone also has a degree of centralized control, but has a history of security weaknesses, though its performance is improving as more and more users are coming onboard.
That said, support for the Windows Phone infrastructure has largely ended as of early 2020. Windows Phone 8.1 OS, Windows RT, and Windows 10 Mobile are no longer supported with updates or native app support. Windows 10X is the only phone OS slated for a potential future release but currently is not available.
Previous phone hardware models are not developed anymore either, leaving the market void of any security fixes for existing products. With the future of new Windows phone products in question, there is currently no established security upkeep for the platform.
Blackberry has been known to also tightly controls devices and apps. Moreover, it is built for MDM, making it easier for a company to manage and protect its devices.
However, Blackberry OS and its successor, Blackberry 10, have unfortunately become outdated over the past decade. Specifically, Blackberry 10 is on the tail end of its support lifespan while Blackberry OS has been unsupported with updates since 2013.
Blackberry no longer makes phone hardware — and Blackberry-branded phones by TCL Communications will halt sales in August 2020. This ultimately leaves older business and personal phones open to zero-day exploits.
No one device or operating system is the definitive "best" when it comes to security. How secure your smartphone is, depends on your personal or professional needs and level of tech fluency.
Here is a breakdown of the pros and cons of each type of device, along with a few things to think about when making your decision:
Android OS Phones
Apple (iOS) Phones
BlackBerry OS and Blackberry 10 Phones
Windows OS and Windows 10 Phones
Each smartphone option has mobile security strengths and limitations. How you use your smartphone — and how comfortable you are with adjusting its security settings — will play a big part in deciding which is the best choice for you.
There is no doubt that this debate will continue as more devices come on the market, and increased security measures become more and more important.
OS updates are a common point of debate when discussing iOS vs Android security. The concept extends to other platforms like Blackberry and Windows Phone as well.
Notably, Android users generally tend not to update their phones to the latest OS. The Android 9 OS, also called Pie, was released in August 2018; as of late 2019, it had an adoption rate of just over 20%. This is in contrast to Apple iOS 13’s adoption rate of 50%. This makes Android users that much more vulnerable.
Update adoption is also complicated by the fact that handset manufacturers and network providers can customize the OS. These entities may not release updates in as timely a manner as Google does. Incompatibilities with more fringe third-party phones can further hinder the adoption of new OS updates.
Android malware accounted for the biggest share of all mobile threats in 2018. To combat this issue, Google has begun requiring smartphone manufacturers to patch malware vulnerabilities in software within 90 days of their discovery. Regularly downloading these updates to Android smartphones is a good way to prevent cyberattacks.
But ultimately, choosing a well-supported platform will further ensure you’re protected from cyberthreats. Each decision towards picking your OS and phone hardware will be essential in defining your mobile cybersecurity.
Ultimately, the question of which platform to choose comes down to your choice of compromise between freedom-of-use and the likelihood of being a hacking target.
There is no clear answer to the question of “which is safer iOS or Android?” With technology always having some sort of weaknesses, there will always be the chance that you’ll be a target. So, it’s up to you to ensure you’re using safe practices and always re-evaluating the companies you trust your data with.