Endurance Test with 25 Apps: the Best Security Apps for Android
If an app seeks to earn the highest point score of 13 test points in the laboratory, it really has to render top performance. The testers evaluate the protection performance and usability, and also take a look at the range of extra features. Currently there are 25 apps undergoing an endurance test in the laboratory, each vying for the top score. Now, after 6 months of testing from May to September 2016, AV-TEST is making the initial assessment before the apps are required to withstand at least 6 additional months of testing.
Sophos Mobile Security
The best security apps for Android
Detection tests with top ratings
Bitdefender Mobile Security
Halftime in the endurance test – 7 apps with maximum point scores
While thus far only 7 out of 25 apps managed to achieve the full 13 points, 7 additional apps are a mere two-tenths behind them. This means that more than 50% of all the apps tested are really good. Also very good: among the 14 apps mentioned, a total of 6 are freeware system protectors.
The apps with 13 points originate from Bitdefender, Kaspersky Lab, Qihoo 360, Sophos, Symantec, Tencent and Baidu. The latter app is only available in Chinese, however. The additional apps with 12.8 points all have one thing in common: in the test concerning their protection performance, they all committed one tiny error that led to the brutal point deduction. That is why they all scored only 5.8 out of 6 possible points in this category.
Over 21,000 malware apps in the test
In terms of protection performance, the apps have always been tested in two phases. First, the objective was to pass the real-time test, in which infected apps, some totally new and some merely a few hours old, are required to be detected and filtered out. Overall, this included over 10,500 apps. In the second test phase, the objective was to detect and remove the malware apps in the reference set. These apps with malware are extremely dangerous and at the time of the relevant test launch, they are a maximum of 4 weeks old. In total, the sets contain an additional 10,500 apps.
This most difficult phase with a total of 3 separate test rounds was mastered absolutely error-free by the apps from Baidu, Bitdefender, Kaspersky Lab, Qihoo 360, Sophos, Symantec and Tencent.
Battery killers and prone to false alarms?
The rumor that security apps drain the battery dry is definitely false. In all 3 test rounds, the power consumption of the security apps was monitored. The lab dispels all the rumors: all the apps put hardly any load on the processors of the devices and thus go easy on the batteries. So there are no battery killers.
Another encouraging sign: the data traffic generated by the system watchdogs is so minimal, that it is even negligible on devices with limited data volume.
In an additional test, the security apps are required to recognize other normal apps as benign and are not allowed to block their installation. For this purpose, the laboratory loaded some 6,000 apps from the Google Play Store and 3,000 apps from other sources. The result: only 5 out of 25 apps stumbled here and there, falsely detecting a clean app as malware. These were only individual cases, but they cost some apps valuable points.
What extras would you like?
In terms of extras and additional features, there are vast differences among apps. Because most features are not directly security-relevant, the lab only awards one point here. All the apps in the endurance test received one point. However, there are a few basic features that every app ought to have, such as anti-theft functions. These are found in 20 out of 25 apps. This extra feature is not included on the 5 apps from: Antiy, Cheetah Clean Master, NSHC, Qihoo 360 and Tencent. The frequently sought-after function of safe browsing is also included in many apps. Only Baidu, Bullguard, NSHC and Tencent do not have it.
In many apps, there are additional extras such as call blocking, filtering of messages, parental controls, backup or encryption. Some paid apps offer a free test phase in which all the features are activated. Once this test phase has ended, normally only the protection feature remains active.
Initial positive interim assessment
Although the endurance test still has at least 6 months to go, the initial interim assessment is very positive. The table shows 7 apps with the maximum point score of 13 and an additional 7 apps with 12.8 points. This means that, at the top of the table, 14 out of 25 apps are already neck and neck.
The apps with 13 points originate from Baidu, Bitdefender, Kaspersky Lab, Qihoo 360, Sophos, Symantec and Tencent. It is interesting to note that the apps from Baidu, Qihoo 360, Sophos and Tencent are even free of charge. However: the app from Baidu is only available in Chinese, and Qihoo 360 and Tencent are missing the anti-theft protection functions. Thus, the app from Sophos remains the free option alongside the best paid apps from Bitdefender, Kaspersky Lab and Symantec.
For some apps, the next 6 months will involve an additional grueling regimen of tests. Whether they will still be ranked at the very top of the table remains to be seen.
Google's Verify Apps – security or arrogance?
Maik Morgenstern, CTO AV-TEST GmbH
Google declares to the world that it protects Android users from behind the scenes. The apps in the Google Play Store are all said to be scanned, and Verify Apps is said to protect mobile devices against installations from unknown sources. But then why do infected apps continuously end up on devices by the millions?
There are only few months in which no infected app has been found in Google's Play Store. At the end of November, it was the manufacturer Doctor Web that found an app, "Multiple Accounts: 2 Accounts", infected with a Trojan. At that time, this app is said to have already ended up on Android devices 1 million times. If you believe the current Google philosophy, this actually should not have occurred. Because Google scans all store apps with its internal system, Google Bouncer, and additionally protects against programs from other sources with the Verify Apps function embedded in the Android system. According to its own Security Report from 2015, Google even scans devices remotely. In the report, Google refers to more than one billion devices with Android and an infection rate of "only" 0.5%. Only 0.15% of malware apps are said to originate from the Google Play Store. In figures, this means: over 5 million infected devices – over 1.5 million malware samples from the Play Store! If we take the discovery of Doctor Web as a comparison, the Google figures actually seem to be quite low.
Google shows resistance to tests
Many users ask how all this could happen and therefore repeatedly call upon the AV-TEST Institute to also test the Google function for comparison, in addition to the security apps. The test lab would be all too happy to do so; but it fails at the hands of Google. Because Google does not want malware authors to be able to test their infected apps to see whether they are detected: As soon as a device is fed with many malware apps, Google refuses to report whether these apps are malicious or not. Thus the lab cannot test the security technology of Google, as the laboratory test also involves feeding devices with many infected apps. Additional inquiries to decision-makers at Google have thus far hit a brick wall.
As long as Google insists on keeping its cards close to its chest, users cannot evaluate how well they are protected by the internal security mechanisms. Which means that the use of a security app for Android remains a good tip in any case.