July 22, 2018

In Case Google's Defenses Fail: 21 Android Protection Apps Put to the Test

Despite security scan and a monitored Play Store, Google Play Protect exhibits the weakest malware detection in the test. That is why it is time for a stronger Android protection partner. AV-TEST tested which apps protect the best.

21 Android apps and Google Play Protect

put to the test under Android 6 Marshmallow

zoom

Google endeavors to protect the billions of its apps' users. But as the latest test shows, there are better protection partners for mobile Android devices. In the current test, the laboratory at AV-TEST evaluated 21 apps and the Android protection function, Google Play Protect, in terms of their protection, usability and features or extras.

12 apps earn top scores

In May 2018, the lab examined a total of 21 security apps and Google Play Protect under the Android 6.0.1 platform. In the two test segments of protection and usability, the laboratory awards a maximum of 6 points, and a maximum of 1 point for features. A total of 12 apps achieved the top score of 13 points: Alibaba, Avast, AVG, Avira, Bitdefender, G Data, Kaspersky Lab, McAfee, PSafe, Symantec, Tencent and Trend Micro. An additional 3 apps still received an excellent point score of 12.5: BullGuard, F-Secure and Quick Heal. The remaining apps achieved between 12 and 9 points. At the end of the list is Google Play Protect, also tested, with only 6 points.

21 Android apps put to the test

Reaching a top score of 13 points, a total of 12 apps delivered stellar performance – some of them can even be used free of charge

zoom ico
21 apps against 6,000 malware samples

12 apps detected the malware apps 100 percent in both test segments; Google Play Protect ended up dead last

zoom ico

1

21 Android apps put to the test

2

21 apps against 6,000 malware samples

Detection of 6,000 malware apps – no problem

The test involving the detection of malware apps occurs in two steps. First, the lab evaluates all security apps in the real-world test with 3,000 infected apps that are a maximum of 24 hours old. In the second step, the reference set is used, containing over 3,000 apps. These malware apps are a maximum of 4 weeks old. This is an acid test of whether the security packages can also capably detect old nemesis malware.

Of the 21 apps tested, 12 detect all attackers 100 percent in both test segments: Alibaba, Antiy, Bitdefender, Cheetah Mobile, G Data, Sophos, Symantec, Tencent, Trend Micro, Avast, AVG and PSafe. F-Secure and Kaspersky Lab achieved 99.9 percent in the real-world test and otherwise scored 100 percent. For their strong performance in terms of protection, a total of 17 apps reach the maximum achievable 6 points. The additional apps receive 5.5 to 2 points in the detection test. The protection of Google Play Protect is a weak 54.8 and 66.0 percent. This accounted for the rating of zero points.

Check for usability under everyday conditions

The test category of usability consists of several separate evaluations. There are tests, for example, whether the relevant security app uses lots of processor resources and generates lots of data traffic. Because that can cost a good deal of battery performance. Moreover, friend-foe detection is tested. To do so, each security app is required to properly detect nearly 3,000 normal mini applications from the Google Play Store and additional reliable sources.

With respect to loss of performance and battery load, none of the apps tested indicated abnormalities. In terms of friend-foe discrimination, the following security apps falsely detect 1 to 10 clean apps: AhnLab, Antiy, Cheetah Mobile, F-Secure and Ikarus. Only with Sophos do things really go awry. This security app wrongly detects nearly 100 clean apps as foes.

Avast Mobile Security

The free app achieved only top scores in the test and earned 13 points

zoom ico
Bitdefender Mobile Security

The app matched its past performance, once again earning the maximum 13 points

zoom ico
G Data Internet Security

The app garnered the maximum point score of 13 without a glitch

zoom ico
Symantec Norton Mobile Security

In the test, the app did not miss a single attacker – top score of 13 points

zoom ico

1

Avast Mobile Security

2

Bitdefender Mobile Security

3

G Data Internet Security

4

Symantec Norton Mobile Security

Features – partly invaluable, partly useless

In the last test category, features, the testers award a maximum of one point, as most of the extras in the security apps are not security-relevant. Only the anti-theft functions and safe browsing are topics of focus. Antiy, NSHC and Tencent offer no special anti-theft functions. Only the apps from BullGuard and NSHC offered no safe browsing.

Some apps also provide additional functions for parental control, backup, encryption and security functions for phoning, such as call blockers or message filters. But also security tools for WLANs and network monitors can be found selectively. Some of the functions are reserved to the premium version and can therefore only be tested for 15 or 30 days.

The alternatives in case Google's defenses fail

The market offers a vast selection of good security apps for mobile Android devices. The test showed that 12 out of 21 tested apps are the better choice compared to Google Play Protect. The apps from Alibaba, Avast, AVG, Avira, Bitdefender, G Data, Kaspersky Lab, McAfee, PSafe, Symantec, Tencent and Trend Micro finished with the top score of 13 points. Five of the 12 apps can even be used completely free of charge. Yet the other additional apps from BullGuard and F-Secure with 12.5 points are worth recommending.

Users should not rely only on Google Play Protect with its regular scans on mobile devices. The detection of the latest malware apps and also of malware in circulation for weeks is too mediocre. Every third infected app goes undetected as malware and can thus wreak havoc.

40 percent of the Android systems are still working with Version 5.1 to 2.3.3

Marcel Wabersky
Marcel Wabersky
Team Leader in the Technical Laboratory

Outdated systems are especially vulnerable to malware attacks. Yet even the latest Android systems are not highly secure.

Critics of security software for Android are always quick to cite the secure architecture of Android. It is structured so that, below the root level, apps do not have any system-relevant access. While that may be true in theory, another problem comes into play in practice: the vulnerabilities and security gaps in all Android versions, which are preyed upon by specially devised exploits which in this manner do gain access to the root level after all. Google itself provides on the website Android Security Bulletins a somewhat bewildering list of all vulnerabilities of Android 2.3.3 up to the latest Version 8.1 (Oreo). The current distribution of the Android systems is found on the Distribution Dashboard. There, Google lists that 40 percent of all active devices are still running on Android 2.3.3 to 5.1 (Lollipop). Currently, security researchers have evaluated an attack on devices with Android 4.0. In this scenario, the security system is circumvented by means of a memory attack, thus gaining access to the root level presumed to be secure.

Social Media

We want to stay in touch with you! Now there is an easy way to receive regular updates on the latest news and test releases.