Skip navigation

The Best Android Apps – 25 System Watchdogs in an Endurance Test

From July to December 2015, 25 protection apps for Android had to show their stuff. The object was to detect over 20,000 infected apps, some of which had only been in circulation for a few hours. Only 7 security apps achieved the top score of 13 points.

The best security apps for Android: 25 apps put to the Test (graphics: norebbo.com)

The best Android apps: 16 out of 25 Apps achieved excellent results, between 12.5 and 13 points in the endurance test between July and December.

Detection tests with 20,000 malware specimens: 4 out of 25 apps detected 100% of the malware threats in all the scan tests.

Qihoo 360 Antivirus: The Asian app provides reliable protection and can be used totally free of Charge.

Bitdefender Mobile Security: While this app does cost a small licensing fee, it provides perfect protection and comes with many extra Features.

Security gaps in Android 4.4: According to Wikipedia in November 2015, Kitkat is considered the most widely distributed Android version at 36% (screenshot: VTS for Android).

Holes in Android 5.0.1: The current Lollipop has only been partially patched – there are still Stagefright gaps (screenshot: VTS for Android).

"You don't need it, it just eats up memory and drains your battery" – those are only a few of the negative comments about security apps for Android. But who will protect the user from an infected app, which infiltrates the Android system through a security gap that has not been patched? That's right: a security app for Android. And as AV-TEST discovered in its endurance test from July to December 2015, there are apps that offer excellent protection, hardly affect system performance and won't drain the battery.

Increased risk due to porous security in Android

Since the first Android version, it's a fact that security gaps are also continuously found in Google's operating system. If the system is somewhat up to date, there is often an update for it from Google. But that still doesn't mean that the manufacturers of mobile devices, such as Samsung, LG or HTC, will indeed incorporate the update and offer it to their customers. In most cases, there are no longer any updates for old Android versions, and users are left to fend for themselves. Those who want to test their existing Android version can do so with the free app "VTS for Android" (fromGitHub). Google surprisingly removed the app from the store, citing security issues as the reason. Perhaps the tool is also somewhat too direct for Google. After all, it identifies all the security gaps in the existing Android system and corresponding CVEs – Common Vulnerabilities and Exposures. While a protection app cannot close the gaps, it can at least intercept and liquidate apps that are infiltrating the system via the vulnerability.

25 apps in an endurance test and many high scores

The 25 apps evaluated in the endurance test were required to detect infected apps, document their usability and demonstrate their extra features. And not only once but in three successive tests over several months.

The most important test area is the detection of apps infected with malware. The laboratory divided this segment into the steps real-time test and reference set. For the first segment, each security solution was loaded onto a smart phone Android 5.1.1 and left in its default configuration. Then, several thousands of infected apps were installed on each of the 25 identical test devices simultaneously (hence, real-time), all of which originated directly from the Internet. Some of the apps had only been in circulation for a few hours. During the test with the reference set, up to four-week old malware apps were copied onto the test devices.

The result then emerged throughout all 3 tests. The 4 apps from Bitdefender, ESET, Qihoo 360 and Sophos each achieved a 100 percent malware detection rate in both test segments – real-time test and reference set. The apps from Avira, Baidu, Kaspersky, Symantec and Trend Micro missed the top score by only a tenth of a percentage point. Also following extremely closely behind were the apps from AhnLab, Antiy and G Data.

Lots of security in the background

As previously mentioned, security apps are often reputed as draining the battery or putting the brakes on the system. In order to examine this phenomenon, the laboratory measured the CPU and the battery load exerted by the protection apps. Moreover, it was examined whether the system protectors in the background moved lots of data, thus eating into the user's monthly data allotment. Under this test item "usability", the laboratory also counts alarms occurring due to false positive detection of an app. In order to test this, just under 9,000 apps from the Google store and other reliable sources were installed; for each of the 25 security solutions. The result is outstanding: 24 apps received 5.5 points for their excellent performance or the perfect score of 6 points. Only the app from Ikarus achieved a mere 4.7 points, as it frequently exhibited too high a battery load.

A wild assortment of extra features

In the test, only one additional point is awarded for extra features, as they are not security relevant. What's more, some users find many extra features annoying, whereas other users welcome them.

The so-called anti-theft functions are naturally very helpful. They allow the device to be located and remotely locked, or you can purge the data on the device. The only apps not offering these functions are Antiy, Cheetah Mobile (Clean Master), NSHC and Tencent. Additional interesting extras, for example, are call blocking, filtering of messages, a safe browsing function, parental controls, backup or encryption. No app offers a vast number of extra features. Rather, there is a varied mix of features offered. Individual products also offer special functions for safe payment on the Internet, tools for system optimization or, for example, for the protection of personal user data.

For purchase apps, some additional functions are only activated if the license has been purchased. Otherwise, these premium functions shut down after the test period. The security functions are naturally not affected by this.

Secure partners for Android devices

Each app was able to achieve a maximum of 13 points. The 7 apps from Baidu, Bitdefender, Cheetah Mobile (Clean Master), G Data, Qihoo 360, Symantec and Trend Micro attained this top score in the endurance test. This is closely followed by nine additional apps with 12.5 to 12.8 points. Many of the best apps are even free of charge.

The users now have the choice of which protection program they like the most. In case security is the sole criterion, 11 apps with top scores are available. A total of six can be used free of charge.

The notion that watchdogs for Android put a burden on the system is totally groundless. The endurance test proves that even apps with the best security performance work inconspicuously in the background and do not put a burden on either the processor or the battery. Users who have gone without the use of a protection app based on groundless prejudices ought to immediately perform the installation after all. They have enough to choose from.

Security gaps in Android from Ice Cream Sandwich to Lollipop

Maik Morgenstern,
CTO AV-TEST GmbH

Many users are totally unaware that Android from Version 4.0.4 to 5.1.1 – otherwise known as Lollipop – has many security gaps that have not been patched. What's worse, there are no patches in sight for many of them.

The organization of the Android operating system is considered quite secure, as apps are launched in closed processes and cannot access the system in the root area or other apps. However, there are open security gaps in each Android system that will probably never be closed, except for now in 6. If an attacker exploits this gap, he can load an infected app onto the system and the user will be none the wiser.

The most well-known gap bears the name "Stagefright". This standard library for the processing of multimedia files has been used since Android 2.3 to 5.1.1. Experts say that 95 percent of all Android devices are affected. Using the free app, "VTS for Android" (from GitHub, not from the Google app store), user can check this on their own. Unfortunately, it's up to the manufacturers of mobile devices to decide whether they offer a security update or not. Some manufacturers have reacted, while unfortunately others have not. Especially the older Android versions are not on any manufacturer's update schedule. This is where only the use of a security app will help, as it scans, detects and liquidates malware apps exploiting the vulnerability.

In the meantime, Google and Samsung offer a monthly security update for their more recent devices. Other manufacturers, such as HTC, do offer one as well, but the updates vary according to the device and country, and are not available everywhere. It's highly likely that some manufacturers will soon be officially promoting the monthly security updates. This may possibly force other manufacturers to follow suit.

Share news: