I’m an Android user. Whether that evokes strong emotion from you or not, the low cost of entry to the platform is what steered me in that direction and kept me brand-loyal-enough to not jump to an iPhone.
From a Statista report in February 2020, “Android maintained its position as the leading mobile operating system worldwide in December 2019, controlling the mobile OS market with a 74.13 percent share.”
With three-quarters of the global market to protect, securing Android phones is no small undertaking.
There’s also a lower cost-of-entry and skill-ceiling to Android app development, something that malicious actors are far too often found abusing to their profit. Unlike Apple’s rigid standardization, Android has to be universal enough to run on just about anything more powerful than a Raspberry Pi. This approach to software development is bound to leave security gaps.
With these factors in mind, let’s talk about the global threat in detail and what you can do to protect yourself and your phone.
They get you through apps.
One thing I cannot knock Apple for is requiring their developers to jump through hoops to prove their app is worthy of sitting on Apple’s digital shelves. Android devices, however, have the option to use Google’s app store or install app packages themselves from the web. Sometimes you have to check a box saying you know what you’re doing, but the gate’s wide open. I prefer this, as I will eternally tinker with my electronics. But for most users, the ability to install mobile apps from any source is much more of a threat than a feature.
The only official place to download and install Android apps is from the Google Play Store app which ships with your phone. Only installing packages from this repository is the first best step to protecting yourself from fraudulent activity. If you ever question the legitimacy of the Play Store app on your phone, tap and hold the icon to place it, and try to drag up to uninstall. The legitimate Play Store is a core system app and cannot be uninstalled.
A report by Upstream in June 2020, covering 31 carriers across 20 countries, highlighted just how much cyber crime is impacting Android users. In Q1 of 2020, their “platform detected more than 29,000 malicious apps versus just over 14,500 during the same quarter of last year . . . [as well as] a dramatic 55% spike in the number of fraudulent mobile transactions” versus the same quarter last year.
What’s even crazier is that they show “nine of the 10 top malicious apps of 2020 for the quarter are – or were at some point – available on Google Play, meaning they have passed the security checks in place” for Android app developers to release their creations to the public. This data expands to show that for the full 2019 year, 30% of the top 100 malicious apps were present on Google Play at some point.
So not only do you have to use the legitimate App Store to stay safe, but now you’ve got to be wary of the apps within as well. Luckily, we can govern mobile application behavior at another level.
Meet ESET Mobile Security for Android. I’ve previously used (and like) ESET’s endpoint security solutions for Windows and Mac, but I personally was new to the idea of anti-virus / anti-malware / security for phones.
Leveraging the power of ESET’s scans and security reports puts the health and digital hygiene of your phone back in your hands. Through their functionality, you gain the ability to:
- Protect your Android phone with ESET Anti-virus
- See daily reports on the status of your phone
- Schedule or perform on-demand scans of your phone
- Selectively lock applications with an additional access PIN
- Remotely lock your device, or trigger a siren sound if you need to physically locate it
Though our partnership with ESET, Steel Root can offer you six months of the premium subscription to ESET Mobile Security for Android at no cost. Please reach out to us at firstname.lastname@example.org to learn more or take advantage of this protection.
Stay safe out there!
Client Services Manager