SEWORKS-blog_banner.png

App Security Insights

Android vs iOS – Which Platform Has Better Mobile Security?

Sep 28, 2017 9:00:00 AM / by AppSolid Team

Android-vs-IOS-Which-Platform-Has-Better-Mobile-Security-Blog-IMG.png

When it comes to phones, users are divided. On one side there are people who are adamant that Android phones are the absolute best thing a person could ever purchase to make calls and watch cat videos. On the other side, there are those that are faithful as can be to iOS phones -- even when the prices skyrocket and they’ll save a month’s pay to scurry to the store for the latest iPhone that barely has any new features compared with the previous version.

Regardless of which group you side with, the question is -- Which platform really has the better security? Today we're pitting the two against each other in a mobile security battle to see which one comes out on top. So place your bets and take your seats as we explore the mobile security of Android vs iOS.

Spoiler alert! We're already going to jump in and say that it's difficult, if not impossible, to decide with 100% certainty which phone platform is truly the safest.

In truth, both platforms have their own security vulnerabilities. With that in mind, here is all you really need to know about the security strengths and weaknesses of both of these systems:

Software Development

Apple iOS are Proprietary

Apple-Proprietary-blog-img.jpg

Apple iOS and Android platforms adopt very different approaches when it comes to software development. For Apple, development is a very strict and closely monitored process. Any adjustments and modifications that are made to the software can only be made by the company itself, or by personnel who are verified by Apple. This is good in the sense that the system is safe from unverified access, which ultimately makes it rather secure.

Unfortunately, it also means that the system is rather rigid, which can be quite troublesome for users. For example, iOS users may have a hard time accessing third party apps that are not approved by Apple. They are however, not completely deterred from doing this as they can opt to jailbreak, or unlock, their phones. The catch is that doing so shifts all responsibility regarding device security onto their shoulders, but they get to enjoy the benefits that third party apps have to offer.

Android Systems are Open Source

Android phones on the other hand have an open source policy which allows third parties to easily modify the code and create any number of apps. This is a double-edged sword when it comes to security. On the good side, it means that it is less difficult for developers to create software that is very secure. Each time a security threat arises, it can be easily combatted and fixed in no time.

On the downside, it is extremely hard for Android systems to keep track of all app developments and potential security breaches, since there is no telling just how many adjustments and modifications are happening at any given time. This makes android phones particularly vulnerable to hackers and people with ill-intent to wreak havoc for users the world over.

Additionally, fragmentation only adds to the dilemma. Fragmentation refers to when users access different Android versions at the same time. It happens a lot with Android since it is very popular with people all over the world. When this happens, trying to secure them all is very much like trying to look for a needle in a haystack - nearly impossible. This is why Android users are normally advised to keep updating their phones, as this a way to protect users from malware.

It is the proprietary nature of iOS systems that some experts claim make iOS phones more secure. With Android’s open source system, pretty much anybody with enough skill and knowledge could develop a way to break in an exploit any vulnerabilities that may be present. However, it would take a person with an intimate knowledge of iOS, and possibly even an inside man to help them hack into those systems.

Apps

Apple iOS is a Strict Gatekeeper on Apps

Apps play a huge role in determining how secure a device will be. If any unsafe apps make it to a device, there is no telling how much damage they can cause. There is a huge difference between how applications make it into the Apple iTunes store and the Google Play Store.

For Apple, like with their software development itself, app vetting is a rigorous and painstaking process. Any app that intends to make it into the store has to meet the company’s strict security standards, and pass several tests as well. Generally, this is a great step in ensuring that only “safe” apps make it to user devices. In fact, most apps never make it past the security testing process, and unsafe apps that could threaten the device are therefore stopped in their tracks. The downside of this however, is that in the event that an unsafe app somehow makes it to the store, it can cause untold damage to innumerable devices.

Android Apps Are Easier to Get in the Google Play Store

Android-Open-Source-blog-img.jpg

Like the Android software itself, the Google Play Store has a significantly more open approach when it comes to app vetting. Although there is a set of criteria that apps have to fit in order to make it to the Play Store, it is generally harder for Google to vet the myriad of apps that get created at any given time. This makes it easier for malicious applications to slip through the cracks. It’s also worth noting that virtually any third party can create apps that could work on an Android device. And, they do not necessarily even have to make it into the Google Play Store to be downloaded to a phone or tablet.

On the bright side, downloading an app via the Google Play Store is not the only means through which Android phones can be protected devices from malicious software. Before users can launch apps that they installed manually, they are often asked to grant permission for the apps to run on their devices. Not granting permissions in some cases is all it takes to help boost the security of these devices. On another note, we’d be remiss if we didn’t point out that downloading an app from anywhere other than the Play Store could leave your phone even more open to vulnerabilities and security breaches.

Accessing the Phone

Both Android and iOS do a good job when it comes to protecting devices from unwanted access. For Android, you can protect your device using a password, patterns, face and voice recognition and even using your fingerprints to preventing others from using your phone. Apple has similar protection options including requiring that passwords have at least six characters, which does help boost device security.

Enterprise Security

Many people use their phones to store work-related data. For such people, device security is often a top priority as it rightfully should be. Both Androids and Apple iOS devices have the ability to download applications that encrypt and secure sensitive data separately from your personal data. Think of it as having two separate folders on one device. One folder has a base level of security, and the other folder has an extra layer of protection provided by the app to ensure its safety from troublemakers. This makes it even more difficult for cybercriminals to access this data, let alone tamper with such sensitive information.

Phone Popularity

As mentioned earlier, Apple iOS devices are much more expensive than Android devices are. It is this drastic difference in price that makes an Android device much more popular by the masses. When a hacker is looking to cause the most damage, they will typically go after the most popular platform, and the one that's easiest to break into. Therefore, it's no surprise that a much higher percentage of mobile malware attacks target Android over iOS devices. This doesn’t mean that Android security is weaker than iOS security or that iOS devices are necessarily better. It just means that when cybercriminals are looking to hurt the most people, they will choose Android over iOS based on popularity alone.

Of the Two, Is There Truly a More Secure Phone?

Android-Apple-phone-security-blog-img.jpg

The truth is neither phone system, Android nor iOS, is completely immune to malware attacks or other security compromises. In fact, some people may say that really, when you have a cybercriminal that is motivated enough to cause trouble, neither phone is better than the other. It is true that Android is targeted more by cybercriminals and hackers than iOS is, and often, these attacks tend to be successful. This is why many people are inclined to think iOS is safer than Android, but don’t assume that your iOS device is invulnerable. It may take longer, but if someone does figure out how to get into your iOS, it could be that much harder to secure your device after a breach.

Things You Can Do to Keep Your Phone Secure

  • Don’t download apps from unknown or suspicious outlets. Just because there is a free version of an app you want available, doesn’t mean you should use it. The trouble with using pirated or free apps instead of the paid ones from a known outlet like the Google Play Store or Apple iTunes is there is no guarantee it is safe. The Google Play Store or Apple iTunes are constantly vetting apps for a reason. Besides, like we said above, even Google can’t prevent all suspicious apps from getting onto their Play Store.
  • Don’t jailbreak or “unlock” your phone. Sure, it can be tempting to do this because it allows you to customize your phone in ways that aren’t available at the time of purchase. However, unlocking your phone opens it to vulnerabilities that the locked version is better equipped to protect. Did you know that the viruses that have struck iPhones were specifically created to target jailbroken devices? Even cybercriminals know that these are the phones that are the easiest to attack.
  • Use a password/passcode. If your phone is stolen, this will make it harder for a thief to access it. Sure, pins and passwords may feel annoying because you have to unlock your phone every time you want to use it, but the added security is worth the hassle.
  • Enable remote wipe for Android or “Find my iPhone” for iOS. Should your iPhone be stolen or misplaced, the “Find My iPhone” service can use the phone’s GPS to let you know where it is. For Android users, you can go to Settings, then Google, then Security and check “remotely locate this device,” as well as “allow remote lock and erase.” This way if your Android phone is misplaced or taken, you can remotely wipe the phone of all the data that is on it.
  • Update your phone regularly. Your phones updates often will include security patches for known breaches and vulnerabilities. By updating your phone, it will be better equipped to prevent an attack, or even kill a virus that managed to get onto your phone in the first place.
  • Refrain from using open WiFi. It’s tempting when you want to connect to WiFi to simply connect to any that is available. It’s better instead to use ones that are “semi-open” like those in coffee shops, stores, or retailers. It may frustrate you that you have to go to their site and agree to terms and services to use their WiFi, but that extra step could protect your phone from an attack.
  • Spread the word to app developers that they should use AppSolid to protect their applications from hackers. Consumers and app developers alike should spread the word about AppSolid because it helps keep apps safe. AppSolid is a powerful one-stop mobile security solution. It is carefully designed for app developers, to provide the strongest binary level of protection. If you found this article helpful, and you are an app developer, read on to learn about a free eBook we’ve written just for you.

How App Developers Can Help Ensure Mobile Security

While you can’t necessarily prevent another application from causing security breaches on Android or iOS devices, you can at least make sure that the apps you develop are protected against hackers. For more information on how you can protect your apps we invite you to download our new eBook “The Developer’s Guide to Mobile App Security.” To get your free copy today, click here. And, to learn more about AppSolid as well as its features, click here.

The-Developers-Guide-To-Mobile-App-Security

Topics: iOS Mobile Security, Android Mobile Security

Written by AppSolid Team