Two thirds of Android antimalware apps are ineffective or unreliable

Choosing an effective Android antimalware app is a shot in the dark for many users and they may end up in more danger of malicious apps, not less.

In fact, as the results of AV-Comparatives’ latest test of Android antimalware apps has shown, only 80 of the 250 security apps tested detected over 30 percent of malicious apps and had no false positives, and only 50 achieved detection rates from 90 to 100 percent.

The test results

Independent testing organization AV-Comparatives tested 250 antimalware apps found on the Google Play Store against the 2,000 most common Android malware threats of 2018 and 100 clean, popular apps.

To ensure the most accurate possible results, the testing was performed on physical Android devices rather than an emulator, and any malware samples not detected in an on-demand scan were installed and run, so that the security programs have another opportunity to prove their protective capabilities.

But, as it turns out, over two thirds of the tested apps failed to reach a block rate of even 30% or had a relatively high false alarm rate.

Android antimalware

“We consider those apps to be risky, that is to say, ineffective or unreliable. In some cases the apps are simply buggy, e.g. because they have poorly implemented a third-party engine. Others detect only a handful of very old Android malware samples, and allow any apps that contain certain strings, making them likely to pass some quick checks and thus be accepted by the app stores,” the organization explained.

“A number of [those] apps have in the meantime already been detected either as Trojans, dubious/fake AVs, or at least as ‘potentially unwanted applications’ (PUA) by several reputable mobile security apps. It is to be expected that Google will remove most of them from the Google Play Store in the coming months (and hopefully enhance their verification checks, thus blocking other such apps from the store).

Choosing an effective Android antimalware app

“User ratings in the Google Play Store might show that a security app is easy to use. However, without independent testing, users cannot be sure if its detections are genuine, or whether it has given a clean bill of health to a malicious program,” says AV-Comparatives’ founder and CEO Andreas Clementi. “Our test report lets you know which programs will protect your Android device, without false alarms.”

In general, though, the organization advises users not to rely on user ratings, review scores, the number of downloads or the “last updated” date as indicators that an app is worth trying. Instead, they recommend using only apps of well-known, verified and reputable vendors.

“As well as participating in tests by independent test institutes, such vendors will have a professional website with contact information and a privacy policy. It should also be possible to try the app – typically a few weeks’ trial use is allowed – before purchasing. Users can then assess the usability and any additional features of the product,” they pointed out.