Android vs. iPhone: Which Is More Secure in 2017?
Pinterest Stumbleupon Whatsapp
Advertisement

Thanksgiving, Black Friday, Cyber Monday, and Christmas come around every year, with bumper deals on so many things it hurts my brain to think about it. Why am I telling you this? Well, with all the incoming deals you might consider picking up a new smartphone. 2017 has given us a new iPhone generation 6 Reasons to Upgrade to the iPhone 8 6 Reasons to Upgrade to the iPhone 8 Is the iPhone 8 really worth upgrading from your 7 or 6s? And what about the iPhone X? Read More , as well as some great Android handsets, too (our Samsung Galaxy S8 The Greatest Smartphone You Shouldn't Buy: Samsung Galaxy S8 Review (and Giveaway!) The Greatest Smartphone You Shouldn't Buy: Samsung Galaxy S8 Review (and Giveaway!) The $800 Samsung Galaxy S8 is, without question, the best smartphone ever made. But you probably shouldn't buy one. Read More and OnePlus 5 OnePlus 5 Review: Seriously, This is the Best Android Right Now OnePlus 5 Review: Seriously, This is the Best Android Right Now This is the best Android phone on the market. It has a solid design, amazing cameras, intuitive software, and it's cheaper than other flagship devices. Read More reviews).

But before you rush out and grab one or the other, consider this: which is the most secure smartphone operating system? Is it an Android device, or an iPhone?

Security Feature Overview

Let’s start by considering the most important smartphone security features. This is the core set of security features no smartphone operating system should be without.

  • Overall device control, including bloatware app deletion, locking, PINs, and passwords
  • App Store/Play Store security, including app permissions
  • Bug and exploit security, update frequency
  • Malware and ransomware protection

Let’s consider the security features offered by Android 8.0 Oreo Android O Is Oreo and Rolling Out Soon Android O Is Oreo and Rolling Out Soon After months of speculation, Google has confirmed that Android 8.0 is Android Oreo. And for the lucky few who own the right devices, Android Oreo will be rolling out soon. Read More and Apple iOS 11 iOS 11 Out Now: How to Download & Install it on iPhone & iPad iOS 11 Out Now: How to Download & Install it on iPhone & iPad iOs 11 adds new features, security fixes, and forwards-compatibility with future apps — so what are you waiting for? Read More .

Bloatware

Having overall control of your device is important. It sounds like something basic. But anyone who has purchased a branded smartphone knows all too well that this can sometimes be far from the truth. Undeletable apps, unknown updates, additional battery and bandwidth use, and reduced storage are just some of the pitfalls of this situation. So, how do Android and iOS handle this issue?

iOS

iOS 11 comes with several pre-installed apps These iOS Apps Will Make You Want an iPhone Over an Android These iOS Apps Will Make You Want an iPhone Over an Android While many big-name apps are available on both Android and iOS, there are still quite a few that you'll only find on your iPhone or iPad. Read More . You can delete the majority of built-in apps from iOS 11 (find the full list here). And having that control is a great feature. But even better is the fact that if you keep the pre-installed apps, you know they are developed and signed by Apple. The vast majority of Apple-designed pre-installed apps have remained secure over the years.

To delete a pre-installed iOS 11 app:

  1. Touch and hold the app symbol until it jiggles.
  2. Tap the app, then tap Delete
  3. Press the Home button to finish

Android

Android is a completely different affair. Google develops the Android operating system, but a wide range of device manufacturers use it. As such, different smartphones come with different pre-installed apps. The level of bloatware is astounding, at times. I purchased a Samsung Galaxy S8, and it took months for Samsung even to allow users to disable the Bixby smart assistant Google Assistant Vs. Bixby: Does Samsung Have Any Hope? Google Assistant Vs. Bixby: Does Samsung Have Any Hope? Samsung has introduced their own voice-controlled competitor to Google Assistant -- but is it enough? Read More button (without rooting the phone), let alone the other pre-installed apps How to Remove Bloatware on Android Without Rooting How to Remove Bloatware on Android Without Rooting Did your phone come with a bunch of crappy apps pre-installed? Let us show you how to get rid of them the easy way. Read More .

Samsung is not the only offender, however. They’re not even the worse. Some U.S. carriers see pre-installed apps as a way of further ensnaring you into payment systems. As such, removing Android pre-installed apps is usually a difficult experience.

And, unlike Apple, Android pre-installed apps are predominantly developed by the device manufacturer. As such, there is no uniform approach to pre-installation. This is exacerbated by the range of Android operating systems in operation. Older devices with aging operating system versions have different vulnerabilities to newer devices (and manufacturers have much less incentive to patch old devices, too). As such, vulnerabilities appear unexpectedly, entirely dependent on the device.

Want to remove Android bloatware? You’ll have to complete an internet search for your “[your device] + remove bloatware.” There are simply too many phones out there for us to offer specific advice. As well as this, you’re probably going to need full root access This Is the Best Way to Root Your Android Device This Is the Best Way to Root Your Android Device If you want to root your Android phone or tablet, this is the best way to do it. It bypasses restrictions that other root methods don't. Read More to completely remove Android bloatware — a whole different set of issues. (Check out our guide if you’re unsure! The Complete Guide to Rooting Your Android Phone or Tablet The Complete Guide to Rooting Your Android Phone or Tablet So, you want to root your Android device? Here's everything you need to know. Read More )

Bloatware Result

iOS wins this round. Pre-installed apps are easy to uninstall (for the most part). The restrictive iOS platform offers better overall security than open-source Android.

Locking, PINs, Passwords

Next up, we’ll consider the options for locking your device using a PIN, password, or otherwise. Naturally, you’ll protect your smartphone with a password or alternative, but which operating system does it best?

iOS

The release of iOS 11 attracted a significant amount of interest. The new operating system granted users the opportunity to lock and unlock their device using only their face. The new-to-iOS tech, called FaceID Buying an iPhone X? Face ID Might Make You Reconsider Buying an iPhone X? Face ID Might Make You Reconsider The iPhone X's most notable feature is the Face ID device unlock system. But how secure is it? Will Apple have access to a huge database of everyone's faces? Read More , has already come under serious scrutiny. In fact, as I was penning this article, Vietnamese research team Bkav claimed to have cracked FaceID security using just a mask. The tech world is still waiting for further confirmation, but you should still watch the video below.

That said, this is fairly elaborate, and won’t affect you at the current time.

Further to FaceID, TouchID has featured on every iPhone since 2013 (bar the recent iPhone X The Complete Guide to Using Your iPhone X The Complete Guide to Using Your iPhone X The iPhone X rewrites 10 years of iPhone history, and with it 10 years of muscle memory. Here's how to adapt to Apple's new way of doing things. Read More ). TouchID enables fingerprint unlocking for fast device access. TouchID is touted as the most secure iOS lock method but has also been compromised by enterprising hackers.

TouchID has been compromised in other ways, too. Most hacks remain difficult and require direct access to a device or your hand. (Users can disable TouchID by pressing the power button quickly five times. This opens “emergency mode,” allowing a user to call 911 without fully unlocking the device.)

If you’re not using TouchID or FaceID, you’ll set a strong passcode Setting a Strong Alphanumeric Passcode and 16 Other Ways to Secure Your iPhone Setting a Strong Alphanumeric Passcode and 16 Other Ways to Secure Your iPhone The convenience of an iPhone can come at a price if you don’t secure your device well enough, so let us show you how. Read More . iOS passcode options are:

  • Six-digit passcode
  • Four-digit numeric code
  • Custom numeric code (any number of digits)
  • Custom alphanumeric code (any number of letters and digits)

When using a passcode, there is another option to consider: Erase Data. This option deletes all data on the device Forgot Your iPhone Passcode? Here's What You Can Do Forgot Your iPhone Passcode? Here's What You Can Do Since you're less accustomed to entering it now, the chances of forgetting your iPhone's passcode have shot up significantly. Here's how to reset it. Read More after ten failed passcode attempts. If this option is disabled, the device will need restoring in iTunes (after ten failed attempts).

Android

Android offered facial unlocking technology before iOS, but has suffered the same issues. The Samsung Galaxy S8 face recognition lock was easily fooled by a photo. Check out the video below.

As with many things Android, your security options are somewhat specific to your device. For instance, my S8 features an iris scanner Are Retina/Iris Scanners The Next Level Of Mobile Security? Are Retina/Iris Scanners The Next Level Of Mobile Security? Rumors are swirling that the Samsung Galaxy Note 4 could have a retina or iris scanner built-in. Sounds like a science fiction movie, but these kinds of personalized locking mechanisms aren't always perfect. Read More , but other recent devices from other manufacturers do not. Similarly, thumbprint scanners aren’t available with all devices.

For the most part, Android 8.0 users will have access to the following standard locking features:

  • Swipe: No protection, stops apps opening in pocket
  • Pattern: Low to medium protection, sometimes guessed from smears on the smartphone screen, cracking software exists
  • PIN: Medium to high protection, up to 16 digits
  • Password: Medium to high protection, up to 16 alphanumeric characters

The best option is combining security features, like a fingerprint scan with a PIN, and so on. That way if one barrier is broken down, there is always a backup.

However, Android being open source is a blessing and curse Is Android Really Open Source? And Does It Even Matter? Is Android Really Open Source? And Does It Even Matter? Here we explore whether or not Android is really open source. After all, it is based on Linux! Read More . Open-source software exists to crack Android pattern locks New Research Proves Android Unlock Patterns Suck New Research Proves Android Unlock Patterns Suck If you unlock your Android handset using a pattern, you should consider using a PIN code instead. Because new research shows that Android unlock patterns are really not secure. Read More , usually doing so in less than five attempts. Furthermore, there are several methods for completely bypassing the standard lock-screen and entering the core of an Android device. Are you waiting for the plus side? There are numerous excellent additional Android security apps out there. You can easily bulk out your security for free. Furthermore, Android users can set Smart Lock areas Smart Lock on Android Makes Locking Your Phone Way Easier Smart Lock on Android Makes Locking Your Phone Way Easier It's annoying to always have to unlock your phone, but it's unsafe to never lock it. Thankfully, there's a nice middle ground: Smart Lock. Read More . For instance, when you connect to your home Wi-Fi, your device will remain unlocked.

As with bloatware, the issues faced by Android devices directly relates to the manufacturer version. There is more than one occasion where a manufacturer developed version of Android is susceptible to PIN and password override issues while stock Android remains secure.

Locking, PINs, Passwords Results

A close section, but I think iOS 11 edges it. iOS 11 allows for unlimited alphanumeric password length. This means users can create lengthy passcodes like martyr silent blind towing wolves cask herd or rout axiom afire lanky sarcasm align therapy. These passcodes use 44 characters and will take an age to brute force. The following is an extremely relevant xkcd:

android vs iphone which is more secure

And while you can bulk out your Android security with apps that allow lengthy passcodes, it isn’t baked into the base functionality.

As mentioned above, combine security options to give yourself greater coverage.

App Store and Play Store Security

The Apple App Store and Google Play Store are where iOS and Android users download apps, respectively. Many apps feature in both stores, but that doesn’t make their security the same. The security approach of both app stores has aligned over recent years as both Apple and Google learn from one another (Google, particularly). But which app store has the best security?

iOS: App Store

The App Store has long been considered vastly more secure that is Android counterpart. Why? Because Apple tightly controls the development process for iOS. There are vastly more hoops to jump through, attracting a deeper appraisal and security process.

That’s not to say the App Store remains clear of security issues.

In 2015, Apple removed hundreds of apps infected with the XCodeGhost malware How to Fix 5 Common iPhone & iPad Security Threats How to Fix 5 Common iPhone & iPad Security Threats New security threats prove that Apple devices are no longer "bullet-proof". IPhone and iPad owners need to know which threats they could encounter, and how to fix them if the worst happens. Read More . And before that there was WireLurker, Masque Attack, and AceDeceiver Cracked: AceDeceiver Installs Malware on Factory iPhones Cracked: AceDeceiver Installs Malware on Factory iPhones A new iPhone malware is able to infect factory-configured iPhones without the user realizing, by exploiting fundamental flaws in Apple's FairPlay DRM system. This changes things. Read More , as well as underlying SSL issues (all are long fixed). At the time of writing, Apple is purging third-party apps that do not live up to their billing. This includes apps that include superfluous code, or that attempt to inject alternative ads after download. Furthermore, a recent Skycure report [PDF] exploring iOS hacking found iOS malware increasing quarterly.

android vs iphone which is more secure

Android: Play Store

The Google Play Store has more than a few malware issues Has Your Android Phone Been Infected with Malware? Has Your Android Phone Been Infected with Malware? How does malware get on an Android device? After all, most users only install apps through the Play Store, and Google keeps a tight watch over that to make sure malware doesn't squeeze through, right?... Read More . In fact, the numbers are startling. A recent study found some malicious apps with up to 4.2 million downloads. Security researchers at Check Point noted that even after Google removed the offending apps, new versions would appear, instantly attracting downloads.

Recently, Android users have contended with malware such as Xavier Has Xavier Malware Infected Apps on Your Android Device?  Has Xavier Malware Infected Apps on Your Android Device?  A new vulnerability, Xavier, has been discovered on Android -- and it has been exploited for some time. Are your devices affected? And what can you do about it? Read More , Judy, ExpensiveWall, Googlian Gooligan Malware Infects 1 Million Android Devices Gooligan Malware Infects 1 Million Android Devices A new type of malware has already infected 1 million Android devices. Dubbed Gooligan, this malware roots Android, giving the hackers full control of people's devices. Read More , Godless, and SonicSpy. A major bonus for malware developers is the sheer range of Android devices, many of them running severely outdated Android versions How Millions of Apps Are Vulnerable to a Single Security Hack How Millions of Apps Are Vulnerable to a Single Security Hack OAuth is an open standard used to allow you to login to a third-party app or website by using a Facebook, Twitter, or Google account -- and it's vulnerable to hackers. Read More . These unpatched, vulnerable devices are the delightful low-hanging fruit for malware developers.

The Google response to ongoing malware issues hasn’t always been as swift as Android users would like. In 2017, however, Google introduced a number of measures to stop malware-infected apps proliferating. The biggest feature update was Google Play Protect, an app security suite that ensures your security in several ways How Google Play Protect Is Making Your Android Device More Secure How Google Play Protect Is Making Your Android Device More Secure You may have seen "Google Play Protect" popping up, but what exactly is it? And how does it help you? Read More , including scanning your device, verifying apps before download, and device tracking.

Android will always be under threat. As Windows users will attest, if you use the most popular operating system, you’re a potential target for malware.

Because anyone, anywhere can easily develop an Android app, the system is open to abuse. And boy do people abuse it. The Google Play Protect system isn’t incredibly difficult to game How Does Malware Get Into Your Smartphone? How Does Malware Get Into Your Smartphone? Why do malware purveyors want to infect your smartphone with an infected app, and how does malware get into a mobile app in the first place? Read More , either. Developers simply set the malicious aspect of their code to deploy on a time-switch or download the malicious code after the user installs a legitimate app.

App Store and Play Store Results

There is a clear winner here: iOS. Apple consistently strives to keep its App Store completely free of malware, reigning in the app development process and keep close tabs on those wishing to publish their apps. Google is making strides forward in protecting Android users. Unfortunately, the sheer number of devices running outdated and vulnerable versions of Android means this perpetual struggle must continue.

Bugs, Exploits, and Update Frequency

I’m not going to delve into this section as thoroughly as others. Simply put, iOS has fewer bugs and fewer exploits than Android. Update frequency is slightly more contentious.

When Apple updates iOS, they update the entire core: the apps, the dialer, Siri, and everything else in-between. Apple tends to support their devices for longer, too. However, once support for an iOS device ends, it is a more terminal affair. Older devices creak under the weight of newer iOS versions 5 Reasons Your Phone Slows Down Over Time 5 Reasons Your Phone Slows Down Over Time Is your smartphone suddenly slow? We've got good news: you're not going crazy. That loss of device power hits both Android and iOS users. Devices do slow down over time. Here's why. Read More and cease to function.

On the other hand, an old Android device will not receive full updates, but will still function due to the huge range of app support for outdated versions. (This is a major Android selling point and a sure reason as to its global popularity.)

Malware and Ransomware Protection

We’ll consider malware and ransomware protection in our final section. We’ve looked at the App Store and Play Store, but how do the operating systems protect against direct threats?

iOS

Apple integrated iOS security from the ground-up. iOS has excellent sandboxing What Is The Most Secure Mobile Operating System? What Is The Most Secure Mobile Operating System? Battling for the title of Most Secure Mobile OS, we have: Android, BlackBerry, Ubuntu, Windows Phone, and iOS. Which operating system is the best at holding its own against online attacks? Read More between apps and the operating system. This alone curtails (the few) vulnerabilities in its code, making iOS users extremely safe. Apple even went as far as removing a bunch of antivirus apps in 2015 because they were useless (to the point that they actually introduced vulnerabilities).

All apps are sandboxed, restricted from accessing files stored by other devices, or even making unprompted changes to an iDevice. iOS layers overall app security using code signing, runtime process analysis, and specialized extension support.

Give the iOS Security Guide [PDF] a read because it really is fascinating.

Android

Android also features a high level of built-in security features. The Android Application Sandbox isolates app data and code execution, securing data between apps. And, like iOS, apps are restricted from communicating with one another.

There are, however, two major differences between iOS and Android. The first is user controlled app permissions. Malicious code can take advantage of the permissions for individual apps and abuse the system. The second relates to the nature of Android. As previously stated, Android is vastly more open than iOS. In turn, this means Android users are simply exposed to a wider range of malware Malware on Android: The 5 Types You Really Need to Know About Malware on Android: The 5 Types You Really Need to Know About Malware can affect mobile as well as desktop devices. But don't be afraid: a bit of knowledge and the right precautions can protect you from threats like ransomware and sextortion scams. Read More .

For instance, Symantec report [PDF] that between 2014 and 2016 the number of new Android malware families decreased, but the overall number of variations increased.

android vs iphone which is more secure

Malware and Ransomware Protection Result

Both Android and iOS protect users using a sophisticated security layer system. Unfortunately, Android users encounter vastly more malware and ransomware Beware LeakerLocker: Ransomware That Locks Your Mobile Beware LeakerLocker: Ransomware That Locks Your Mobile How does $50 sound as a ransom payment? No, don't be tempted -- if your Android device has been infected by LeakerLocker, the scammers will never let you go. Here's what to do. Read More due to the open nature of the operating system.

As such, iOS offers better protection against malware and ransomware.

Extra Security Features

Some users will consider these standard security features. But they are advanced for the majority of users.

Full Disk Encryption

Both Android and iOS users have access to full disk encryption 7 Reasons Why You Should Encrypt Your Smartphone Data 7 Reasons Why You Should Encrypt Your Smartphone Data Are you encrypting your device? All major smartphone operating systems offer device encryption, but should you use it? Here's why smartphone encryption is worthwhile, and won't affect the way you use your smartphone. Read More . However, iOS users use full disk encryption by default, so long as they have a passcode turned on. Remember the huge spat between the U.S. government and Apple regarding the San Bernardino iPhone? That was because it was encrypted! Why We Should Never Let the Government Break Encryption Why We Should Never Let the Government Break Encryption Living with terrorist means we face regular calls for a truly ridiculous notion: create government accessible encryption backdoors. But it's not practical. Here's why encryption is vital to day to day life. Read More iOS and Android full disk encryption is tied to system hardware, making private keys difficult to extract.

In the past, however, Android devices have been compromised, and there is a wider range of potential attack vectors for those devices.

VPN Support

Both iOS and Android have extensive integrated VPN support. Android has a wider range of customizable VPN solutions Connect Your Smartphone to Almost Any VPN Using OpenVPN Connect Connect Your Smartphone to Almost Any VPN Using OpenVPN Connect A VPN can help protect your data on the move. But what if your VPN provider doesn't offer an app? Here's how to setup almost any VPN on your smartphone using OpenVPN Connect. Read More that work directly with the operating system.

Removable Battery

In search of “true” privacy, some smartphone users remove their battery to strip their device of power. iOS devices are sealed — the battery is inaccessible. If this is a concern for you, consider Android devices on a manufacturer by manufacturer basis.

And the Winner Is?

Overall, iOS is the most secure mobile operating system. There are certainly ways to improve the security of an Android device vastly. But out of the box, iOS beats Android in almost every way.

Do you stick to iOS for its security? Or can Android be just as secure? What are your must have smartphone security features? Let us know in the comments below!

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Davin Peterson
    December 7, 2017 at 3:23 pm

    Apple is more strict with iOS than Google is with Android. It's only on one phone - the iPhone whereas Android is on many phones. Apple doesn't allow as much customization on iOS as you can with Google and they make it difficult to change the default app as they want use to Apple apps.

    The phone carriers will put their own apps on Android phones which many not be able to uninstall. Some phone manufactures may include their own bloatware as well.