Android has grown to become the largest computing platform on the planet, which makes it a goal. You may not spend a lot of time on the Internet without hearing about some new Android malware that is sure to destroy your phone 100%. These reports are actually based on facts, but they may exaggerate the actual risk of picking up malware, and the definition of malware may be very vague. Security companies usually promote some kind of virus scanning application. However, by its very nature, Android is more secure than desktop computers, so maybe you don't need these security apps. You may already have what you need.
In the latest report from AV-Comparatives, we learned that most anti-virus applications on Android have not even taken any measures to check whether the application has malicious behavior. They just use the whitelist | blacklist to mark apps, which is ineffective, making them nothing more than advertising platforms with fake buttons. Shocking and frustrating, right? They can escape it because the real Android virus occupying your device is not as common as you might expect. “Malware” may contain milder threats, such as apps that collect personal information or trigger pop-up ads.
When programmers understand the dangers of the Internet, the origins of Android and other mobile platforms are in the modern era. We have programmed the expectations of PC malware, which may have sneaked into your system because you visited the wrong website with a vulnerable browser. Without pre-existing infections, these “drive-by downloads” are not feasible on Android. On Android, you must actually click on the notification to install an APK downloaded from a source outside the Play Store. Even so, you still need to manually bypass the security settings.
So, what about malware in the Play Store? Again, it depends on the meaning of the malware. The most serious security risks will make it impossible to enter the store. The Google platform can scan for known malware during upload. We have also manually reviewed all content that seems to be problematic. You may occasionally hear about certain “malware” applications in the Play Store, usually related to information gathering or advertising pranks. Google can handle these issues quickly, but anti-malware applications cannot catch such issues.
The solution promoted by audiovisual companies is to install a security suite that can manually scan each application, monitor your web traffic, and more. These applications tend to waste resources and are often annoying with large numbers of notifications and pop-up windows. You may not need to install Lookout, AVG, Symantec/Norton, or any other AV apps on Android. Instead, you can take some perfectly reasonable steps without dragging down your phone. For example, your phone has built-in anti-virus protection.
What should you do to stay safe
Your first line of defense is not to mess up Android's default security settings. In order to obtain Google certification, every mobile phone and tablet computer has “unknown sources” disabled in the security settings. If you want to sideload an APK downloaded from outside of Google Play, your phone will prompt you to enable the feature for the original app. After disabling this feature, you will be protected from almost all Android malware, because the Play Store has almost no malware.
However, unidentified sources are allowed for legitimate reasons. For example, Amazon's Appstore client-side loads the apps and games you have purchased, and many well-known websites have rehosted official app updates that are rolled out in stages, so you don't need to wait. In addition to the Play Store, you also have Google Play Protection, which scans your apps for malicious activity. Play protection updates will be rolled out through Play services, so you don’t need system updates to stay protected. In most cases, installing a third-party AV application will only replicate the work of Play Protect.
Users have been rooting their Android phones since the first phone was launched on the market, but this is no longer so common today. The platform provides many functions that people are accustomed to acquiring. Using rooted Android is basically like running a computer in administrator mode. Although it is safe to run a rooted phone, it is definitely a security risk. Some vulnerabilities and malware require root access to use features, otherwise, they are harmless even if you install them in some way. If you don’t have a good reason to root your phone or tablet, don’t be open to this possibility.
There are also Android applications that may not be “malware” in nature, but you may not want them to appear on your phone because they will snoop on your data. Most people don't read the permissions of installed apps, but the Play Store does provide all this information. Starting from Android 6.0 and higher, apps need to request access to sensitive permissions, such as access to your contacts, local storage, microphone, camera, and location tracking.
If an application has a reason to access these modules (such as a social networking application), then it might be fine. However, if a flashlight app is asking for your contact list, you may need to think again. System settings include tools for manually revoking any application permissions.
Avoiding Android malware actually only requires a little common sense. If you do nothing, limiting downloads to the Play Store and other 100% trusted sources will protect you from almost all threats. Antivirus applications are superfluous at best, and at worst they can damage system performance.