Skip navigation

35 Android Protection Apps Put to a 6-Month Endurance Test

At the turn of the year, the number of Android-based devices has been growing in leaps and bounds. This also increases the number of vulnerable smart phones and tablets operating without a decent protection app. AV-TEST labs put 35 security apps to the test over a period of 6 months, examining their protection function, usability and extra features.

Malware for Android: AV-TEST has already counted 4 million infected apps for Android – that's twice as many compared to one year ago (AV-TEST, last amended in December 2014).

Android apps put to an endurance test: 35 apps had to prove their reliability in up to 3 tests over a period of 6 months (AV-TEST, last amended in December 2014).

Security performance of the Android apps: Of the 35 tested apps, 11 always detected and thwarted threats without exception (AV-TEST, last amended in December 2014).

Antiy: The app always attained excellent results in the endurance test, but unfortunately offers no anti-theft functions.

Bitdefender Mobile Security: The system protector from Bitdefender always achieved top scores, but costs an annual fee.

According to the latest surveys, this Christmas there is supposed to be another major surge of Android-based tablets and smart phones under the tree. This puts the number of worldwide Android-based users at an estimated 2 billion. In Germany, over 80 percent of mobile devices run on a version of Android.

Given the large number of devices, no wonder cybercriminals are launching more and more malware specimens that carry out more and more insidious attacks on users. Up to the end of 2014, AV-TEST already counted 4 million malware samples – that's twice the number of threats compared to one year ago.

35 apps for android in an endurance test

To enable users to protect their devices more effectively, the laboratory at AV-TEST tested 35 apps for their protection function, usability and built-in extra features. The test lasted 6 months. During this time, the apps were required to complete three series of tests. All the results were subsequently logged and the average was calculated.

In this, not all apps were included in all the test segments. A total of 26 apps completed all three tests. The remaining 9 participated in one or two tests. These apps are marked accordingly in the table.

Wholly 7 of the 26 apps that took part in all the test rounds achieved the top score of 13 points. They are from Antiy, Bitdefender, Cheetah Mobile (three versions), ESET and Qihoo. An additional 10 apps follow with very favorable point scores between 12.3 and 12.8 points.

Very promising candidates are among the apps that only participated in one or two tests. BullGuard and PSafe always reached the maximum point score on both tests.

Good scanning performance – good protection function

In the protection function test, the system watchdogs for Android were required to detect and remove just under 2,600 infected apps on average per session. The lab collected all the apps on the Web shortly prior to test launch, singling out the most malicious examples for the test. This procedure was repeated for each of the three tests.

The result: 8 apps finished consistently at the top, as they detected all the threats: Antiy, Bitdefender, Cheetah Mobile (3 versions), ESET, Qihoo and Trend Micro. An additional 5 still detected an impressive 99.9 percent. In total, 19 of the 26 apps found between 99 and 100 percent of the threats on average throughout all the tests.

In the endurance test, the remaining 7 apps achieved only detection rates of 94.8 to 97.9 percent. Unfortunately, these also include some known apps.

Usability – everyday performance

Naturally for the lab, performance in terms of the protection function was not the sole criterion. An app providing solid protection also ought to use as few resources as possible and not constantly nag the user with false messages.

If we only look back one year, there were consistently apps that continuously demanded processor resources, thus putting an excessive strain on the battery. There were also repeated false positives when downloading apps from the Google Play Store or other secure providers. The lab tested all these items in many individual steps. For example, during the test for false positives: all the security programs were required to detect just under 3,000 good apps and were not allowed to trigger a false alarm.

The fact that almost all the manufacturers had done their homework is evident in the point scores assigned by the testers: among 26 apps, 24 in this category achieved 5 to 6 points out of 6. Only the Apps from Symantec and AVG were able to achieve a mere 4.3 points, as they triggered a false alarm somewhat more frequently.

The 4 apps with only 2 tests also completed this section with promising 5.8 to 6 points.

Extras: theft prevention ought to be included

Some of the apps – whether freeware or annual fee – are practically overflowing with extra features, while others offer hardly anything at all. However, it is debatable whether these functions are all useful or not. That's why the testers rated the extra features with only one point.

Not absolutely necessary, but extremely welcome, are the anti-theft functions in apps that allow the user to lock, locate or remotely wipe the device. Unfortunately, some of the apps come without this function: Antiy, Baidu, DU Apps Studio, Cheetah Mobile (except in the CM Security version), TrustLook and White Gate.

Some of the apps offer an assorted mix of additional functions, such as childproofing, incoming call blocking, message filtering, encryption or surfing protection. Some even have extra functions such as network monitors, app managers or battery-saving options.

All of the apps, regardless whether they were included in one, two or three tests, received 1 point from the testers for their features.

For paid apps, some of the extras only worked during the test period, as they were included among the premium features. These extra functions could only be used again if the user purchased an annual license.

Attackers want only the best: your money

These days, smart phones and tablets are used far more often on a daily basis in households than existing PCs or notebooks. They enable you to quickly order merchandise or check your bank balance. However: while good security applications are already standard on PCs, mobile devices are often only protected poorly or not at all. Something worth remembering: Many manufacturers include a free version for a mobile device along with their PC license. Take advantage of this for more protection.

The test result shows that there are not only many good protection apps, some of them don't even cost money. Among the 7 apps each scoring a maximum 13 points, 5 are in fact available for free: Antiy, Cheetah Mobile (3 versions) and Qihoo.

Those who prefer a paid software product will find a good tandem selection for their device in the system protectors from Bitdefender, ESET and Trend Micro. The products can also be fully tested for 15 or 30 days. Beyond that time, the protection continues, but all the other functions shut down.

Our tip: Anyone still having difficulty deciding on "the best protection app" can also compare the previous endurance test from January to June 2014 with this one. Some of the app names are identical at the top of the table:

36 Security apps for android are put under constant fire

Expert knowledge on "Android Malware"

Director Technical Lab:
Hendrik Pilz

The current proliferation of Android malware is already unsettling, but even worse is the quality of the new malware threats for Android systems.

The first generations of Android malware were concealed in infected apps, such as popular games. While the full version was available for a price in the Google play store, a purported freeware version with integrated malware code was distributed via shady sources. Once installed on the smartphone, the app suddenly launched expensive premium text messages.

The new generations of malware are becoming more and more devious, however. Relatively new on the scene is so-called ransomware. It blocks the user's device and demands the transfer of a sum of money to unlock it. Unfortunately, there are always some users who give into the demand, but naturally the device remains blocked, and data is usually lost.

Novel bankbots hide in apps and seek out the credit card data entered by the user, steal it and abuse the data for purchases over the Web.

Many users simply do not realize that their mobile Android-based device is normally online 24 hours a day, 7 days a week, and thus always an available target for attackers. That's why you should always rely on a good protection app, only install apps from known sources and pay attention to the permissions demanded by the app. After all, there is no reason for a flashlight app, for example, to have access to all the contact data, the microphone and the camera. When in doubt, do not install such an app.

Share news: