| Date | May 2024 | |
| Language | English | |
| Last Revision | June 6th 2024 |
| Release date | 2024-06-12 |
| Revision date | 2024-06-06 |
| Test Period | May 2024 |
| Number of Testcases | 3287 |
| Online with cloud connectivity |  |
| Update allowed | |
| False Alarm Test included | |
| Platform/OS | Android Mobile |
- Tested Products
- Test Results
- Product Reviews
Introduction
In this report, we aim to help readers evaluate both the built-in security measures of Android and various third-party mobile security apps. Our report covers results from malware protection and battery consumption tests, along with reviews assessing the functionality, app design, and overall usability of each security solution. While some of the tested apps may offer additional features such as an app manager, network monitor, or system optimizer, our primary focus is on security aspects, including anti-malware, anti-theft, web protection, and privacy protection.
Details
Mobile security products are designed primarily to safeguard mobile users and their devices from threats such as malicious apps, phishing URLs, fraudulent emails, and other harmful links. In 2021, we also evaluated how well some security apps for Android protect against stalkerware. This type of software operates covertly, enabling unauthorized individuals to spy on device owners without their knowledge or consent. While the lines between stalkerware and legitimate software, such as parental controls, can sometimes be blurred, Google Play has implemented stricter policies in recent years to combat this issue. Consequently, stalkerware is typically installed through side-loading since it is not available on Google Play.
Google Play regularly updates its policies to ensure a certain level of security, requiring app developers to verify their identity, digitally sign their apps, and meet API level requirements. Apps also undergo multiple review processes and require Google’s approval regarding privacy to remain available on Google Play. Moreover, developers must provide information about data collection, sharing, and deletion in the “Data Safety” section of their apps and must ensure that third-party SDK providers included in their apps do not sell personal or sensitive user data.
As Android’s built-in security features continue to evolve, it remains essential to ensure that third-party solutions provide effective malware protection. Given the prevalence of rogue antivirus apps offering inadequate security, independent testing and certification are more important than ever. We appreciate the vendors who participated in our tests and achieved certification, highlighting their dedication to maintaining high standards of mobile security. Our comprehensive certification process affirms the effectiveness and reliability of these products. Some manufacturers might prioritize other platforms or operating systems, believing Google’s security features for Android (e.g., Find My Device, Play Protect) provide sufficient protection. However, we encourage continued vigilance and innovation in mobile security solutions.
Another advantage of continuous and independent testing is that it assists security vendors in quality assurance. During this year’s testing, we discovered a bug in Play Protect that occasionally caused cloud requests to fail, preventing Play Protect from blocking the installation of some malicious apps. Our testing helped Google narrow down the cause of the faulty behaviour.
Google Android
Since the introduction of the runtime permission model in Android 6.0 (Marshmallow), Google has continuously enhanced device security and user privacy in the Android OS. The developments include concepts such as blocking side-loading, scoped storage, enforcing encrypted connections, restricting background app activities, partial access to resources (e.g., location, media), and auto-resetting runtime permissions for unused apps. These measures give Android users more control over sensitive information and data accessed by third-party apps. Starting with Android 14, apps targeting API levels lower than 23 can no longer be installed.
Recent Android versions come equipped with essential security features. For example, Play Protect, Google’s built-in malware scanner, scans apps during installation from Google Play or third-party sources and performs regular device checks for threats. Recently, Google enhanced Play Protect with real-time code-level scanning. When installing an app that Play Protect has never seen before, it recommends a scan and, if the user agrees, extracted app data is sent to Google for deeper analysis. The Safe Browsing API helps protect against malware and phishing links when using Google Chrome. Anti-theft functions, such as lock, locate, alarm, and wipe, are available through Google’s Find My Device, enabling users to locate lost or stolen phones and secure their personal data. Several app auditing features allow users to review and modify privacy settings, such as permissions and notifications, and monitor app usage, such as mobile data, battery consumption, and storage space.
Android also imposes restrictions on third-party security apps regarding device control, monitoring, and access to sensitive user data. As a result, some third-party security vendors(such as Avast or AVG) have decided to remove certain features from their latest app versions as they did not provide sufficient value compared to Android’s built-in features. It is important to note that not all of Google’s security features and third-party mobile security apps are available due to restrictions on specific devices, Android versions, Android-based operating systems, and geographical locations.
Malware protection by Google Play Protect is getting better each year. However, this will not help users in regions with geographical restrictions, such as mainland China, where Google services are inaccessible. Furthermore, devices based on modified versions of Android OS (e.g., HarmonyOS, FireOS, LineageOS) do not run Google apps or services by default thus lacking built-in malware protection.
In regions such as the United States and Europe, only two official app stores dominate the mobile app market: Google Play and the Apple App Store. The risk of inadvertently downloading and installing malware from Google Play is small, as the app store is regularly checked for fraudulent and dangerous apps. However, in many Asian countries, especially China, the risk of being infected by malware is much higher as there are various third-party app stores and many smartphones are rooted. There are about 1.76 billion active mobile devices in China, and about 77% of them run Android as the operating system.
The most used Android app stores are shown in the doughnut chart above. Google Play is used by almost no one (<0.1%). A US Executive Order signed in November 2020 prohibits US companies (such as Google) from doing business with blacklisted Chinese telecommunication companies. Consequently, Google apps and services, including Play Protect, will no longer be available on future device models from certain Chinese manufacturers.
For users unable to access Android’s built-in security features, there is a very strong argument for using a third-party security app. Even for those with full access to Google’s protection features, a third-party app can provide very valuable extra protection. Compared to Play Protect, third-party security apps may offer more comprehensive protection by scanning not only installed apps but also files and folders on the device storage. This proactive approach helps identify and mitigate malicious apps before they are installed and run. It is important to note that third-party security apps for Android supplement, rather than replace, Google’s security features.
Protection against Android malware
Smartphones are now commonly used as popular PC substitutes for a variety of daily tasks such as online shopping, banking, instant messaging, video conferencing, and emailing. However, with the increasing sophistication of cyberattacks, mobile devices are becoming a prime target, particularly through fraudulent apps and phishing websites that aim to steal user data or money. These malicious apps often disguise themselves as fake versions of popular apps that have been downloaded by millions of users from Google Play. To minimize the risk of falling victim to these threats, we recommend the following:
- Download apps only from official app stores like Google Play or reputable app makers and avoid third-party stores and side-loading.
- Check app reviews before installation and avoid those with predominantly negative or suspicious feedback.
- Be wary of opening links that you receive via e.g., text messages, emails, instant messenger chats, or social media, and block/delete unknown senders or spam.
- Pay attention when granting apps permissions or excessive access rights and question unnecessary requests.
- Keep your Android and third-party apps up to date with the latest patches.
- Use a certified antivirus app to provide an additional layer of protection. A list of antivirus apps for Android can be seen here: https://www.av-comparatives.org/list-of-mobile-security-vendors-android/
- Regularly back up your data using common backup solutions.
- Regularly evaluate the legitimacy, usefulness, and data handling practices of apps, whether online or on Google Play.
- Do not root your smartphone, mitigating the risk of malware infection and keeping the warranty.
- Disable unused settings and device sharing functions that could be potential attack vectors such as Bluetooth, NFC, or Wi-Fi calls.
- Use a VPN to secure your Internet connection, especially on public Wi-Fi networks.
How high is the risk of malware infection with an Android mobile phone?
The risk of malware on Android phones depends on multiple factors and cannot be answered simply. However, sticking to official app stores like Google Play lowers the infection risk. In Asian countries with many third-party app stores, the likelihood of harmful downloads is higher. Nevertheless, it is important to note that “low risk” does not mean ”no risk” as the threat landscape can change quickly. To be prepared, installing an appropriate security app on your smartphone is recommended. Currently, in western countries, protecting against data loss and identity theft from bad actors is more critical than malware protection.
Security Features
In this section, we provide a concise overview of key security components commonly found in mobile security products for Android.
The primary component is the malware scanner which safeguards users from unintentionally installing malicious apps on their device. Similar to antivirus programs for Windows, mobile security apps for Android incorporate other protection features: The real-time protection actively scans newly installed and/or downloaded apps for any malicious behaviour. The on-demand scanner examines the device for already installed malicious apps or malicious app installers on the internal storage and/or SD card. Keeping malware definitions up to date is a critical factor in effective protection, especially for apps that primarily rely on them for detecting malware. Certain tested products offer a cloud-assisted malware scanner to ensure access to the very latest definitions. Definition updates are either retrieved automatically by the app at specified time intervals or triggered manually by the user. | |
The anti-theft component is designed to remotely control a lost or stolen device. Android already includes core anti-theft features such as device lock, locate, wipe, and alarm. The tested security products extend this functionality with features such as location tracking, taking pictures of the thief using the device’s cameras, or triggering actions in response to suspicious device activities (e.g., locking the device when the SIM card is changed or trying to uninstall the security app, capturing pictures after multiple failed unlock attempts). This component is typically managed via a web interface. | |
Web protection prevents users from unintentionally downloading malicious apps or accessing phishing websites while browsing the Internet. Most of the tested products offer web protection for at least Google Chrome, the most popular browser on Android. Additionally, some apps support various third-party browsers to accommodate the user’s choice for their preferred mobile browser. | |
App lock is another useful security feature, enabling users to safeguard selected apps from unauthorized access. Users can set up a locking mechanism, such as PIN, password, pattern, or biometrics (e.g., fingerprint or face recognition on supported devices), which is required to launch a protected app. Furthermore, they might be able to customize the app locking behaviour, such as unlocking when connected to a trusted Wi-Fi or locking based on location or time schedule. | |
A privacy advisor or app audit feature is also included in most of the tested products, which typically scans the installed apps for possible privacy violations. This analysis examines app permissions that are uncommon, unnecessary, or inappropriate, as they may pose a risk to the user’s privacy. Based on this result, some security apps advise uninstalling “risky” apps. |
Tested Products
We have reviewed and tested the following products for this report. We congratulate the third-party security vendors, who have demonstrated that their solutions are effective and reputable, and helped to raise the standard for all mobile security solutions. The latest products were taken from Google Play at time of testing (May 2024). After the test, manufacturers had the opportunity to fix any flaws we discovered. Any bugs or issues discovered during the review that we consider critical must be fixed, and an updated app version must be published on Google Play within three weeks of reporting the issue. Any problems that have already been solved are noted in the reviews. The versions listed below apply to the updated product reviews.
Avast Mobile Security Free 24.7
AVG AntiVirus Free 24.7
Bitdefender Mobile Security 3.3
Kaspersky Premium for Android 11.111
Securion OnAV – Global 1.0
For this report, we used Android 14 which is currently the most recent Android version. We used the unmodified version of Android 14 to avoid potential issues caused by modifications from hardware manufacturers or mobile carriers.
| Vendor | Features |
|---|---|
| Avast |      |
| AVG | |
| Bitdefender |    |
| |
| Kaspersky | |
| Securion |  |
Symbols
To provide a simple overview of a product’s features, we use the same symbols as those on our website. At the beginning of each review, you will see these symbols: orange indicates included features, while grey indicates features that are not included. All symbols apply solely to Android 14.
| Anti-Malware | | includes a feature to scan against malicious apps |
| Anti-Theft | | includes remote features in case the smartphone gets lost or stolen |
| Safe Browsing | | includes a web filtering feature to block dangerous sites |
| App Lock | | includes a feature to prevent unauthorised access to installed apps |
| App Audit | | includes features to audit installed apps |
For each product’s anti-theft component, we provide brief comments on each function and use symbols in the table to indicate its performance in our tests.
 |  |  |
| no issues | minor issue(s) | major issue(s) |
Test Procedure
The malware used in the test was collected by us in the few weeks before the test. We used 3,287 malicious applications, to create a representative test set. Apps with the same certificates and/or the same internal code were removed, in order to have a test set of genuinely unique samples. The security products were updated and tested on May 6, 2024. The test was conducted with an active Internet connection on genuine Android smartphones (no emulators were used). The test set consisted exclusively of APK files. If available, an on-demand scan was conducted first. After this, every undetected app was installed and launched. We did this to allow the products to detect the malware using real-time protection. A false-positives test was also carried out using 500 clean apps. The results can be seen below (sorted by Malware Protection and number of False Positives; products with identical scores are sorted alphabetically).
Test Results
| Mobile Protection Rates | ||
| Protection Rate | False Positives | |
| Avast, AVG, Bitdefender, Kaspersky | 99.9% | 0 |
| 99.3%[1] | 10[2] | |
| Securion | 99.1% | 1 |
[1] A product bug caused a slightly increased number of misses.
[2] Mostly detected as privacy risk.
Battery Drain Test Results
As in our previous investigations, we measured the additional power consumption caused by each of the mobile security products. Testing the battery usage of a device might appear to be very straightforward at first glance. If one goes into more detail, the difficulties become apparent. Particularly with mobile phones, the usage patterns of different users are very varied.
Some use the multimedia functions extensively, others view a lot of documents, while some use only the telephone functions. We need to differentiate between power users who take advantage of all the possible functions in the device and traditional users who merely make and receive phone calls.
The test determined the effect of the mobile security app on battery use for the average user. The following daily usage scenario was simulated:
- 67 minutes using social media apps (such as YouTube)
- 40 minutes telephony
- 35 minutes surfing the Internet using the Google Chrome browser
- 22 minutes looking at photos
- 13 minutes watching videos saved on the phone itself
- 2 minutes sending and receiving mails using the Google Mail client
- 1 minute opening locally saved documents
In our test, we found that all the tested mobile security products had only a minor influence on battery life, as outlined in the table below. In general, we were able to give the tested mobile security apps high marks regarding power usage.
| Battery Drain Results | |
| Avast |  |
| AVG | |
| Bitdefender | |
| |
| Kaspersky | |
| Securion | |
| up to 3% |  | 3 to 8% | 8 to 15% | 15 to 25% | > 25% |
Product Reviews
Review Format
Here we have outlined the structure of the following product reviews for each of the mobile security apps in this test. Not every section regarding app features (except for Anti-Malware) might be applicable to all products as they offer different feature sets.
Introduction: We provide a concise overview of the product, stating its price model (free or paid) and highlighting its key features. We limit the number of features to the five basic security and privacy features (as denoted by the symbols in the top-right corner of the product review) and up to five additional features that we deem noteworthy. For easy comparison and better readability, we use standardized terms from our feature list which is found at the end of this report.
Usage: We briefly describe the first app start, initial app setup, and how to access the app features from the main app screen. It is important to note that all third-party antivirus apps ask the user to agree to their data protection policies and grant necessary permissions (e.g., all files access, location, camera, device admin rights) during setup or when activating specific features in order to function properly and provide full protection.
Anti-Malware: We explain what the malware scan does, if any suggestions for user actions are shown after the initial scan, what scan options (e.g., quick, full, scheduled scan) and settings for the detection behaviour are available, and mention interesting findings if malware is detected.
Anti-Theft: If applicable, we describe how to setup the feature, configure the available commands, and how to trigger them remotely. We also note additional settings and any faulty commands or misbehaviour upon execution. A table at the end of the product review shows a summary of the available anti-theft commands.
Web / Wi-Fi Protection: If applicable, we describe different protection capabilities against web threats and/or vulnerabilities on Wi-Fi networks. These include, for example, anti-phishing, VPN, and Wi-Fi scanner.
App Lock / Audit: If applicable, we describe the locking feature with its settings, which allows protecting selected apps from unauthorized access, and/or the feature to review key aspects of installed apps such as permissions, data usage, and storage space.
Parental Control: If applicable, we consider capabilities for regulating and monitoring children’s device activities and safeguarding them from inappropriate content. These include, for example, app locking, web filtering, and daily usage limits.
Privacy Protection: If applicable, we list several other features which can help further improve the user’s privacy, e.g., call filter, data leak checker, social network privacy scanner, protection against scam or malicious links in notifications and text messages.
Additional Features: We list additional app features which do not belong to one of the previous categories and we think are worth mentioning. These might include system optimizing tools to stop background apps or remove junk files or a task manager to uninstall/deactivate installed apps. These features must be integrated in the app (no separate app).
Conclusion: We give a short conclusion of the product, our experience with it, and leave a statement if any reviewed function did not work properly and was not fixed before this publication.
Avast - Mobile Security Free
Avast
Mobile Security Free
24.7.0
Introduction
Avast Mobile Security Free is an ad-supported product which also has a variety of security-and privacy-oriented features. These include anti-malware, safe browsing, app audit, Wi-Fi security, data leak checker, and photo vault. Other app components, such as Clean Junk and Wi-Fi Speed, help users monitor different aspects of their device. Avast asked us to test and review the free version of their product. Please note that Avast owns AVG, and the respective Android apps appear to be identical in functionality. There are some minor differences in the user interface, however.
Usage
Upon starting the app, the user must accept Avast’s Agreement and Privacy Policy. After viewing a brief overview of basic features, the user is prompted to select a paid license. However, the user can continue with the free and ad-supported app version by closing this prompt and accepting the Consent Policy for custom ads. The user is then prompted to perform a first scan of apps or all files. All the features can be accessed from the bottom navigation menu.
Anti-Malware
After the first device scan, the app suggests fixing potential security issues, such as turning on the web protection and setting up a screen lock.
The user can choose between a deep scan, which scans the entire storage and the device settings, or select individual files/folders to scan. The external storage (e.g., SD card) is not included when scanning the device storage.
Web & Wi-Fi Protection
The protection against malicious URLs and phishing websites offered by Web Shield works for different browser apps. The Network Inspector scans the currently connected Wi-Fi network for security threats.
App Audit
App Insights displays the permissions required by each app and allows users to directly uninstall an app and manage the app’s permissions.
It is also possible to browse apps grouped by the permissions they require. Furthermore, all installed apps are labelled with the risk categories “low”, “average”, and “high”, depending on the app’s permissions.
Privacy Protection
Hack Alerts allows the user to check whether their email or any related accounts have been involved in a data breach.
Additional Features
Photo Vault enables the user to securely store up to ten photos, which can only be accessed after entering the user-defined PIN.
The Wi-Fi Speed Test checks the Wi-Fi connection speed and Clean Junk helps to free up storage space by removing temporary or cached files. My Statistics shows a summary of security-related actions taken by Avast on the device, e.g., number of threats prevented.
Conclusion
Avast Mobile Security Free is a well-designed anti-malware app offering access to a range of security features, albeit with some limitations. It also includes optimization and privacy-enhancing tools. The app provides a step-by-step guide to setup each feature.
AVG - AntiVirus Free
AVG
AntiVirus Free
24.7.0
Introduction
AVG AntiVirus Free is an ad-supported product which includes a variety of security- and privacy-oriented features such as anti-malware, safe browsing, app audit, Wi-Fi security, data leak checker, and photo vault. Other app components, such as Clean Junk and Wi-Fi Speed, help the user monitor different aspects of the device. AVG asked us to test and review the free version of their product. Please note that AVG is owned by Avast, and the respective Android apps appear to be identical in functionality. There are some minor differences in the user interface, however.
Usage
Upon starting the app, the user must accept AVG’s Agreement and Privacy Policy. After viewing a brief overview of basic features, the user is prompted to select a paid license. However, the user can continue with the free and ad-supported app version by closing this prompt and accepting the Consent Policy for custom ads. The user is then prompted to perform a first scan of apps or all files. All the features can be accessed from the bottom navigation menu.
Anti-Malware
After the first device scan, the app suggests fixing potential security issues, such as turning on the web protection and setting up a screen lock.
The user can choose between a deep scan, which scans the entire storage and the device settings, or select individual files/folders to scan. The external storage (e.g., SD card) is not included when scanning the device storage.
Web & Wi-Fi Protection
The protection against malicious URLs and phishing websites offered by Web Shield works for different browser apps. The Network Inspector scans the currently connected Wi-Fi network for security threats.
App Audit
App Insights displays the permissions required by each app and allows users to directly uninstall each app and manage the app’s permissions.
It is also possible to browse apps grouped by the permissions they require. Furthermore, all installed apps are labelled with the risk categories “low”, “average”, and “high”, depending on the app’s permissions.
Privacy Protection
Hack Alerts allows the user to check whether their email or any related accounts have been involved in a data breach.
Additional Features
Photo Vault enables the user to securely store up to ten photos, which can only be accessed after entering the user-defined PIN.
The Wi-Fi Speed Test checks the Wi-Fi connection speed and Clean Junk helps to free up storage space by removing temporary or cached files. My Statistics shows a summary of security-related actions taken by AVG on the device, e.g., number of threats prevented.
Conclusion
AVG AntiVirus Free is a well-designed anti-malware app offering access to a range of security features, albeit with some limitations. It also includes optimization and privacy-enhancing tools. The app provides a step-by-step guide to setup each feature.
Bitdefender - Mobile Security
Introduction
Bitdefender Mobile Security is a paid-for security solution for Android. The Autopilot function acts as a security advisor, recommending actions to address security- and privacy-related issues. The app includes features such as anti-theft, safe browsing, app lock, data leak checker, scam protection (including SMS, instant messages), and a basic VPN service. Device activity can be controlled by the Bitdefender Central app or web interface at central.bitdefender.com.
Usage
Upon opening the app for the first time, the user must agree to Bitdefender’s subscription agreement, and either log in or create a new account with a 14-days trial period. The user is guided through the configuration of the necessary features, such as Malware Scanner and Web Protection. All functions are accessible using the menu at the bottom of the screen.
Anti-Malware
Real-time protection with in-the-cloud detection of malicious apps and files on the internal and external storage is enabled. Malware scan is therefore only available with an active Internet connection and can also be initiated using the Bitdefender Central app or web interface as soon as the device is online.
Besides the scan result, details about malware types the device is scanned for can be viewed. App Anomaly Detection and Download Scan can be activated as additional scan settings.
Anti-Theft
Anti-theft components are listed in the table below. The user is asked to set up a device lock and to choose an app-specific PIN to protect the app settings for the anti-theft and app-lock features. The remote commands Locate, Lock, Scream, and Wipe can be sent to all connected devices from either the Bitdefender Central app or web interface. The command interfaces show the current or last-known location and IP address of the device.
The Snap Photo feature takes a photo with the front camera, stores it on the device, and uploads it to Bitdefender Central when the wrong PIN has been entered three times in a row.
For the Lock command, you can enter a custom lock code in Bitdefender Central. However, it is noted that once you set and use an initial lock code, the same code will apply to all subsequent unlocking attempts. Additionally, if a lock code is already configured on your device, you must use that specific code to unlock it. Therefore, the lock code entered in Bitdefender Central has no effect at all which might confuse users.
Web & Wi-Fi Protection
The Web Protection feature blocks malicious URLs and phishing websites in various browser apps and displays a notification upon visiting banking pages. The app also includes a VPN service, providing up to 200 MB of data traffic per day while connected to an automatically chosen server. The option to warn the user each time the device connects to an open Wi-Fi is activated by default. An advanced version of the VPN is available as a separate app which offers more functions, such as split tunnelling, Internet Kill-Switch, ad blocker, anti-tracker and managing unsecured Wi-Fi networks.
App Lock
The App Lock feature limits access to chosen apps by locking them with a pre-defined PIN or using biometrics (e.g., fingerprint, face recognition). The user can configure the unlock behaviour of protected apps and if they should remain unlocked while connected to a trusted Wi-Fi network. The Random Keyboard feature randomizes the number position on the keyboard each time the lock screen is displayed. If Snap Photo is enabled, a photo is taken with the front camera after three failed unlock attempts with the PIN.
Privacy Protection
The Account Privacy feature enables the user to check whether an email address has been compromised in a data breach. Additional email accounts need to be verified with a confirmation code in advance. Scam Alert monitors and warns about incoming text messages and notifications that may contain scam/spam links. If Chat Protection is turned on, this accounts for chat messages received via certain social media apps as well.
Conclusion
Bitdefender Mobile Security provides a wide range of tools for monitoring the device security and user privacy. All anti-theft features worked as expected in our test.
| Anti-Theft Details | ||
| Commands Web | ||
| Locate | | Displays the location on Google Maps. |
| Alert/Scream | | Sounds an alarm and optionally shows a custom message on the unlocked device. Alert cannot be switched off if the device is locked. |
| Lock | | Locks the device only if a pre-defined Android lock screen is configured. |
| Wipe | | Triggers a factory reset and wipes external storage. |
| Additional Features | ||
| Snap Photo | | Takes a picture with the device’s front camera after 3 failed unlock attempts. |
Play Protect & OS Features
40.9.28
Introduction
With Google Play Services and Google Mobile Services (GMS), Google-certified Android devices are equipped with several preinstalled apps and APIs to connect to Google services (e.g., Chrome and Gmail) using one Google account. Play Protect is Google’s built-in malware protection, which monitors the device for malicious apps. Device security and privacy is further enhanced with anti-theft, safe browsing, and app auditing.
Usage
Play Protect is integrated in Google Play on supported and certified Android devices and can be found either via the Google Play app or Android system settings.
Anti-Malware
Play Protect integrates on-device protection with cloud-based components to detect potentially harmful applications (PHA) downloaded and installed from Google Play or other third-party sources. These include apps that hide or misrepresent important information and/or misuse permissions to access personal information, thus violating Google’s policies. The device is automatically scanned once a day for any evidence of PHA and users can also perform an on-demand scan.
On detection, the user is prompted to remove the PHA and future installations of it will be blocked. The settings “Scan apps with Play Protect” and “Improve harmful app detection” can be turned off if needed.
Anti-Theft
Anti-theft commands are listed in the table below. The anti-theft feature Find My Device can be operated remotely from the web interface at google.com/android/find, or the standalone app on a second Android device. The feature is automatically turned on as soon as a Google account is added to the device. The command interfaces show the current or last-known location, battery level, time, and name of the Wi-Fi the device is connected to. The device can only be locked if a lock screen was previously configured. The user will also be signed out from the current Google account.
Optionally, an on-display message and telephone number can be entered. The option to factory reset the device deletes all data from the internal and external device storage.
Web Protection
The Google Chrome browser app for Android includes a safe browsing feature with “Standard protection” activated by default. Users are alerted about dangerous websites and downloads. When switching to “Enhanced protection”, URLs are submitted to the cloud for deeper analysis and users are warned via Gmail if their passwords are exposed in a data breach. By default, options for “Do not Track” and “Always use secure connections” are disabled, “Use secure DNS” is enabled.
App Audit
In the Android system settings, all installed apps are listed, along with detailed information about their download source, version, notifications and permissions settings, and device usage (e.g., mobile data, battery, storage). Users can also disable/uninstall an app, force an app stop, and adjust the requested permissions.
The Permission Manager and option “Special access” categorize apps based on the permissions they request and empowers users with even more control over which permissions each app can access (e.g., location, camera, contacts, device admin rights, all files access, appear on top, install unknown apps). Permissions of apps, that have not been used for a few months, can be reviewed and reset if applicable.
Conclusion
Google Play Protect is preinstalled on certified Android devices. Depending on the device model, manufacturers may provide their own device-related security features, which might overlap with pre-existing GMS apps such as Google Chrome and Find My Device. All anti-theft commands worked as expected.
| Anti-Theft Details | ||
| Commands App & Web | ||
| Locate | | Displays the current or last-known location of all registered devices on Google Maps. |
| Secure Device | | Locks the device with the pre-defined locking mechanism and signs out from current the Google account. A message and/or phone number can be displayed on the locked device screen. |
| Factory reset | | Triggers a factory reset immediately, or after next device restart, and wipes the external storage. |
| Get directions | | Opens Google Maps and displays route navigation. Only available in-app. |
Kaspersky - Premium for Android
Kaspersky
Plus for Android
11.111.4
Introduction
Kaspersky Premium for Android is a well-rounded, paid-for mobile security solution. It offers a comprehensive set of tools to protect against malware, phishing, theft, and privacy violations. The app functionality is extended by additional features such as app lock, app audit, Wi-Fi security, unlimited VPN, data leak checker, notification protection, and a system settings checker. The Premium plan also includes licenses for separate apps, i.e. password manager (Identity Protection Wallet) and parental control (Safe Kids).
Usage
When first opening the app, users must agree to Kaspersky’s EULA and Privacy Policy. Optionally, they can also agree to statements regarding the Kaspersky Security Network and data processing for marketing purposes. The user is given the option to purchase a subscription, activate an existing one, or use the free version with limited features. After running the initial scan, the app encourages the user to configure various security components and device settings. On the app’s main screen, a database update as well as a quick scan can be started. All features can be accessed from the bottom menu bar.
Anti-Malware
When initiating a scan, the user is asked whether to perform a quick scan (installed apps only), a full scan of all files on the internal and external storage, or a selective scan of specific folders or files.
The scan settings provide fine-grained control over scan frequency, signature updates, scan behaviour. The default settings encompass the detection of e.g. adware and auto-dialers as well as scanning of installed apps and APK files. Switching to extended anti-virus mode monitors all file and installed app activities, granting users the ability to specify actions upon detection.
Anti-Theft
Anti-theft commands are listed in the table below. The setup requires the user to configure a secret code/pattern/fingerprint. Additional features include SIM Watch and Uninstallation Protection, which can be enabled. From the web interface at my.kaspersky.com, the remote commands Lock & Locate, Mugshot, Alarm, and Data Wipe can be sent and basic information, such as battery level, activated security features, weak settings, and images taken, can be viewed.
A custom message that is displayed on the lock screen can be attached to all commands except for Data Wipe. An email is sent after the commands Lock & Locate or Mugshot are successfully issued, and the results are automatically deleted from the web interface after 30 days. The web interface also contains a device-specific recovery code, which can restore access to a locked device in case the secret code/pattern/fingerprint got lost.
Web & Wi-Fi Protection
The Safe Browsing component safeguards the user from visiting phishing websites in supported browser apps. If enabled, any in-app link will be opened in Chrome. The user must accept Kaspersky’s VPN statement before using the unlimited VPN service. After that, it auto-selects the server closest to the device’s location, however, you can manually select from various other locations. The Smart Home Monitor notifies the user when a new device joins the Wi-Fi network.
App Lock & Audit
The App Lock feature allows the user to select and lock sensitive apps with the same secret code/pattern/fingerprint used for the anti-theft functions.
The My Apps component groups apps by permissions and provides app details, including their permissions, data usage and how much storage space they take. The feature also displays rarely used apps along with an option to uninstall each one.
Privacy Protection
Safe Messaging checks links received in text and instant messages and notifies the user about potential risks. Call Filter automatically declines incoming calls from blacklisted contacts. The Weak Settings Scan monitors the system settings for any vulnerabilities. Additional privacy features include searching for data leaks from hijacked accounts linked to email addresses (Data Leak Checker) and phone numbers (Identity Theft Check), as well as reviewing personal privacy settings of connected social media accounts (Social Privacy).
Conclusion
Kaspersky Premium for Android offers an extensive set of security and privacy features, which are thoroughly explained during setup. Features can be customised, and all the anti-theft commands worked flawlessly in our test.
| Anti-Theft Details | ||
| Commands Web | ||
| Lock & Locate | | Locks the device, displays the location on Google Maps map, and sends the location in an email. |
| Mugshot | | Locks the device and takes several pictures using the front camera. |
| Alarm | | Locks the device and rings an alarm. |
| Data Wipe | | Triggers a factory reset and wipes external storage. |
| Additional Features | ||
| SIM Watch | | Locks the device if the SIM card is removed or changed. |
| Uninstall Protection | | Locks the device if device administrator rights are removed from the app. |
Securion - OnAV
Securion
OnAV – Global
1.0.39
Introduction
Securion OnAV is a free-to-use and light-weighted mobile security app that primarily focuses on safeguarding the user and device against malware. This review covers the global version of the mobile anti-virus app, which differs from its original Korean counterpart.
Usage
First, the user must accept the EULA, Terms and Conditions, and the Privacy Policy. Without any user registration, it assigns a distinct ID to each device to prevent double sign-ups. A simple menu on the main screen displays all available functions and information.
Anti-Malware
The automatic real-time protection can be turned on and off in the app settings.
The on-demand scan only checks the internal storage for malicious apps and files. Detected malware is displayed in the scan results along with the full file path, allowing users to selectively view and delete items as needed. Previous scan results can be accessed from Scan Log on the main screen.
Conclusion
Securion OnAV is a free, slim, and user-friendly app that requires no registration and offers malware protection capabilities.
Feature List
Award levels reached in this Mobile Security Review
| Avast | APPROVED |
| AVG | APPROVED |
| Bitdefender | APPROVED |
| APPROVED | |
| Kaspersky | APPROVED |
| Securion | APPROVED |
Notes
The perfect mobile security product for all devices and all users does not exist. As with e.g. Windows products, we recommend drawing up a short list of products that might be suitable for you after reading our reviews about the advantages and disadvantages of each product. You can then install and test free trial versions of the candidate products for a few days (one at a time) to help make your decision easier. It is worth noting that for Android security products in particular, new versions with improvements and new functions are constantly being released.
All products tested this year qualify for our “Approved Mobile Product” award. To be certified, apps had to have a malware protection rate of at least 99%, not more than 10 FPs, and a battery drain impact of under 8%. Additionally, the core features of each program had to function reliably without any major issues.
| Avast Mobile Security Free is a well-designed and ad-supported anti-malware app that offers a range of features, enhancing security, privacy, and device performance. |
| AVG AntiVirus Free is a well-crafted and ad-supported mobile security solution that provides a diverse set of customizable security, privacy, and device optimization features. |
| Avira Prime for Android is a feature-rich mobile security app that enhances device security and safeguards user privacy. |
| Bitdefender Mobile Security encompasses advanced device protection and privacy-oriented functionality within a user-friendly app interface. |
| Google Android includes built-in malware protection, anti-theft and safe-browsing functionality, as well as privacy-enhancing features. Despite the discovered bug in Play Protect, Google managed to fulfil the certification requirements. |
| Securion OnAV – Global provides a slim and free-to-use app with malware protection capabilities. |
Copyright and Disclaimer
This publication is Copyright ©2024 by AV-Comparatives ®. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV-Comparatives prior to any publication. AV-Comparatives and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data.
For more information about AV-Comparatives and the testing methodologies, please visit our website.
AV-Comparatives
(June2024)
