Android iPhone and iPad Security

Which Smartphone Has the Best Security? iPhone X vs. Galaxy S9 vs. Pixel 2

Dan Price 05-07-2018

Your smartphone is one of your biggest security vulnerabilities. Aside from the obvious issue of theft, it’s also leaking data to endless companies and people.


As such, making sure you have a secure phone should be high on your list of priorities. To help, we’re going to compare three of today’s leading devices: the iPhone X, the Galaxy S9, and the Pixel 2 (both of which run Android).

Our 7 Points of Comparison

We’re going to compare the three phones across seven areas.

Encryption: Without data encryption, anyone in possession of your phone could extract or read its contents, even if they didn’t know your passcode.

Apple’s Tim Cook explains it the best:

“On your smartphone today, there’s likely health information, there’s financial information. There are intimate conversations with your family, or your co-workers. There’s probably business secrets, and you should have the ability to protect it. And the only way we know how to do that is to encrypt it.”

App blocking: The ability to block apps serves two purposes. Most importantly, it lets you prevent apps that don’t necessarily need web access to function correctly from sneakily “phoning home” with your data. Secondly, it can reduce you data usage and prevent unexpectedly high bills.


Biometric security: Some people have claimed Apple’s facial recognition software is flawed. There have been some reports of random people being able to unlock another person’s device. But is the technology better or worse than fingerprint scanners from a safety standpoint?

Password-protected folder: The presence of a password-protected folder is another line of defense against the issues Tim Cook raised. It prevents someone who knows your PIN code accessing your phone and stealing its most sensitive contents.

Multi-user support: Do you use your device for both business and pleasure? Most people do. If you’re one of them, the ability to run multiple sandboxed user profiles is important.

Automatic data wipe: We’re sure lots of you have lost a phone at some point in your lives. Given how much data is on your device, that’s a massive problem. A way to make your phone delete all its data if the PIN code is entered incorrectly too many times will protect you against brute force attacks.


Native password manager: Using a password manager lets you choose more secure credentials; you won’t have to remember them every time you log into an app or service.

1. Encryption

The winner is: Draw

All three of the handsets use file-based AES 256-bit encryption. We’ll ignore the persistent rumors about potential back-door entry points and say this is a good thing.

It’s easy to activate encryption on all three devices.


How to Turn On Encryption on an iPhone

  1. Open the Settings app.
  2. Select Touch ID and Passcode.
  3. Choose Turn Passcode On.
  4. Create an alphanumeric password that’s at least six characters long.

To check the process worked, navigate back to Touch ID and Passcode, scroll to the bottom of the page, and make sure you see the Data protection is enabled message.

How to Turn On Encryption on Android

  1. Open the Settings app.
  2. Go to Security.
  3. Scroll down and tap on Encrypt Device.
  4. Read and agree to the on-screen warnings.

On Android, the process could take up to one hour, and your phone might restart several times. Also, keep in mind that the only way to unencrypt the device is to perform a factory reset.

2. App Blocking

The winner is: iPhone X


Being able to block apps from accessing the internet on a case-by-case basis sounds like something you’d expected to be a standard feature on smartphones. It would stop apps from sending data back to their developers.

However, of the three phones, only the iPhone X lets you restrict apps individually. And even then, the situation isn’t clear-cut. You can only stop apps from accessing the internet while connected to your mobile data network; you can’t block apps connecting when you’re on Wi-Fi.

The solution is to use a VPN. Both ExpressVPN and CyberGhost let you block apps individually.

How to Block an App’s Internet Access on iPhone

  1. Open the Settings app.
  2. Tap on Cellular.
  3. Scroll down to the list of apps.
  4. Flick the toggles into the Off position as desired.

3. Biometric Security

The winner is: iPhone X

The Samsung Galaxy S8 offered facial recognition back in March 2017, but Apple changed the game when it released the iPhone X later that year.

The flagship model became the first device whose facial recognition software was secure enough to be used for authorizing mobile payments as well as for locking your screen.

The software on both the S9 and the Pixel 2 still lags behind iOS. It still can’t be used for secure transactions. Interestingly, Apple claims Face ID is more secure than Touch ID (and there are ways to make Face ID safer):

“The probability that a random person in the population could look at your iPhone X and unlock it using Face ID is approximately 1 in 1,000,000 (versus 1 in 50,000 for Touch ID).”

Of course, both forms of biometric ID have a downside. If someone steals your data, it will be compromised forever. Passwords can be changed at will.

4. Password-Protected Folder

The winner is: Galaxy S9

Of the three devices we are looking at, the Samsung Galaxy S9 is the only one that comes with a native password-protected folder.

The folder lets you keep any files, photos, videos, or documents in a secure location on your device. You can move content in and out with ease.

As a further benefit, the Galaxy’s secure folder also lets you hide it from the Apps and Home screen. It means a casual observer won’t even know it exists.

How to Set Up the Secure Folder on Galaxy S9

  1. Open the Settings app.
  2. Tap on Lock screen and security.
  3. Scroll down to Secure Folder.
  4. Enter your Samsung account credentials.
  5. Set up your lock method.

How to Hide the Secure Folder on Galaxy S9

  1. Open the Settings app.
  2. Tap on Lock screen and security.
  3. Scroll down to Secure Folder.
  4. Select Hide Secure Folder.
  5. Tap on OK.

5. Multi-User Support

The winner is: Galaxy S9 and Pixel 2

Multi-user support is a big bonus for security. It’s useful on a number of levels. For example, if you often let your kids use your phone, they can mess around without accidentally changing or deleting anything on your account.

It’s also useful if you’d like to keep one section of your phone for work-related things and one for personal things. All user accounts run in their own sandbox, so data can never leak between them.

And remember, Android phones also support customizable guest accounts.

The iPhone X finds itself trailing in its competitors’ wake 5 Features Android Has That the iPhone Still Doesn't Android and iOS are both solid mobile operating systems, but Android does have a few features that iOS is still lacking. Read More . In truth, it’s astonishing that Apple doesn’t yet offer multi-user support on any iOS devices. That needs to change ASAP.

6. Automatic Data Wipe

The winner is: iPhone X

All three phones can be locked and wiped remotely. This is excellent protection against theft, but you need to have spent the time to set up Find My Device Find My Android: 4 Ways to Locate Your Phone Before you lose your Android device, be sure to download at least one of these apps. Read More or Find My iPhone 8 Ways to Find a Lost iPhone (And What to Do If You Can't Get It Back) If your iPhone goes missing, you need to look for it and find it as soon as possible. Here's how. Read More before using the service.

If you’ve not set up Android Device Manager or a third-party anti-theft app The 7 Best Android Anti-Theft Apps to Protect Your Device If your Android phone gets stolen, you'll need a way to get it back. Here are the best Android anti-theft apps. Read More and lose either a Galaxy S9 or a Pixel 2, someone could brute force your lock code until they gain access.

The iPhone X offers more security. By default, it will shut down and force you to connect to iTunes after 10 failed logins.

But you can also set up the device so it automatically wipes all your data after 10 failed logins.

How to Delete iPhone Data After Failed Logins

  1. Open the Settings app.
  2. Go to Touch ID and Passcode.
  3. Select Erase Data.
  4. Turn the toggle into the On position.

7. Built-In Password Manager

The winner is: Draw

The iPhone X, Galaxy S9, and Pixel 2 all have a native password manager. The managers are called iCloud Keychain, Samsung Pass, and Google Smart Lock respectively.

All three store their data in an encrypted vault and auto-fill apps and services when needed.

The iPhone X’s keychain is perhaps the most practical; it can sync your data across all the Apple devices you own. It means you can use the app to store system passwords as well as browser and app credentials.

Google Smart Lock will also work on Chrome, while Samsung Pass only works with Samsung devices and the Samsung internet browser.

Nonetheless, from a security standpoint, the three are almost identical.

Note: You can use a password manager in place of the proprietary apps.

iPhone X Comes Out Ahead in Smartphone Security

On the security points we’ve analyzed, the iPhone X emerges as a narrow winner. It’s automatic data wipe, biometric ID security, and app blocking see it edge out the other two models. (But when it comes to popularity, Android phones still have an edge over the iPhone.)

The S9’s password protected folder means it earns second place ahead of the Pixel 2.

Of course, there are lots of other security factors to consider, so let us know what you think in the comments.

And remember, there are always more steps you can take to improve your phone’s security. Why not try install some security apps on your iPhone iPhone Security Secrets: 8 Apps and Settings You Must Know iPhone security is a big deal. Here are the most important iPhone security settings you should know to keep your device safe. Read More or apps that protect your privacy on Android 8 Great Android Apps That Protect Your Privacy and Security If you want to keep your Android device safe and secure, we recommend these apps. Read More ?

Related topics: Android, iPhone X, Pixel 2, Samsung, Smartphone Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Kunal Nanavati
    May 7, 2019 at 2:30 am

    This comparison is flawed on 2 points -

    1. Both s8 and pixel can be setup to delete all data on incorrect password after 15 tries (or another number as per phone default).

    2. Both android phones can also prevent apps to use cellular data (like iphone) by turning on restricted networks (which also works for wifi).

    I believe the result might change if these are the points of contention between the phones..

  2. PM
    March 9, 2019 at 12:49 pm

    I've been considering switch from Blackberry to Apple and recent situation is making me re-think. On the surface Apple security looks good. However, if your really dig in to Apple security it is confusing, convoluted and flawed. For example it takes approx. 7 days to de-activate an Apple ID and 30 days to delete an Apple ID. During that time if someone has gained access to your device or account they have all of your information. Two-factor authentication. Make sure you understand it or you can wind up locked from your own Apple ID/account and no way to get in. i.e. make sure you are logged into icloud on at least one device and the very 1st thing to do with an iphone is to add more than one trusted device. There is quite a bit more but would take too long to explain.

  3. Amir
    January 19, 2019 at 8:18 am

    1- encryption.?
    2- app blocking?.. you can actually do that on android, or at least a galaxy.
    3- biometric security?.. actually the Pentagon approved that the galaxy has the highest security and that's also said for the iris scanner.
    4- password-protected folder?
    5- multy-user support?
    6- automatically data wipe?.. you can actually do that in all the three phones.
    7- built-in password manager?
    You didn't do your homework well..

    • Amir
      January 19, 2019 at 8:21 am

      The question marks are true and false emojis ignore them.

  4. Sirana
    November 3, 2018 at 1:25 pm

    i spent some time with DIY with my Android phone, but no more worry now a lot easier with AnoPhone with device and VPN setup completed on delivery.