Which Android smartphones are most secure?
87% of Android devices are vulnerable to attack by malicious apps and messages, a group of researchers from Cambridge University in England has revealed.
For years now, they have been urging Android users to install an app called Device Analyzer so that they can collect usage statistics, which give them an insight into how people use their smartphones and allow them to extract patterns and trends.
The researchers use this data set to make recommendations for the improvement of future smartphones and, if users of the app agree to it, they share this data with other researchers.
Their latest study was aimed at discovering how insecure Android devices are, and the reasons for this situation.
According to the study’s results, manufacturers are to blame, because most do not provide regular security updates. The bottleneck for the delivery of updates in the Android ecosystem lies with them rather than Google, operators or users.
“This arises in part because the market for Android security today is like the market for lemons: there is information asymmetry between the manufacturer, who knows whether the device is currently secure and will receive updates, and the consumer, who does not,” the researchers pointed out. “Consequently there is little incentive for manufacturers to provide updates.”
They found that devices built by LG and Motorola, as well as those devices shipped under the Google Nexus brand are much more secure than others.
“Google has done a good job at mitigating many of the risks and we recommend users only install apps from Google’s Play Store since it performs additional safety checks on apps,” Dr. Alastair Beresford noted. “Unfortunately Google can only do so much, and recent Android security problems have shown that this is not enough to protect users. Phones require updates from manufacturers, and the majority of devices aren’t getting them.”
The researchers’ hope is that this study will help people when choosing a phone, i.e. that they will opt for devices made by those manufacturers who are more quick to update them. Ideally, this will spur manufacturers and operators to deliver updates in a timely manner.