These Aren’t the Android Devices You Should Be Looking For

  • Home
  • These Aren’t the Android Devices You Should Be Looking For

These Aren’t the Android Devices You Should Be Looking For

When you opt for an affordable smartphone and forego the safeguards found in Google Play, you might get more than you bargained for.

When purchasing a new smartphone, you likely seek the best value for your money. If you’re looking for a top-tier device without breaking the bank, products from lesser-known manufacturers could make it onto your shortlist. In fact, in the fiercely competitive smartphone market, you might even find lesser-known but high-end contenders that can rival flagship products from established tech giants like Apple, Samsung, and Google in many aspects.

On the flip side, while budget-friendly phones for the price-conscious among us may not break the bank, they can fall short when evaluated based on criteria such as brand recognition, competing telecommunications technologies, and considerations for global security and data privacy. The reputation (or lack thereof) of some manufacturers and their pricing policies can also influence public perception. After all, smartphones have evolved into a significant status symbol of our era.

In certain cases, even some cutting-edge devices might be downgraded to mid-range or even budget-friendly categories. Especially in the latter, smartphones often come equipped with older Android versions and receive limited post-purchase support, if any. They may lack feature updates, security updates, or receive updates belatedly or for a very short duration. In some instances, their manufacturers might even be barred from entering the Google Play Store app ecosystem. Cases of phones being shipped with pre-installed malicious software highlight another concerning aspect – supply chain security.

The Android Multiverse?

Android commands over 70% market share, boasting approximately 3.3 billion active users and maintaining its position as the leading global mobile operating system (OS). However, not everything is equal in the world of Android. Among feature-rich Android smartphones, Samsung leads the pack with nearly 35% market share, reaching an overall market share of 20% in the entire smartphone market, closely trailing behind Apple.

Samsung’s dominance is not just due to the innovation and high quality of its products but also because it provides a variety of choices for different budgets. Samsung’s leading position is also attributed to the fact that its phones benefit from built-in security measures in Google Play, and many of its phones receive software updates for a longer duration compared to most competitors in the fragmented Android ecosystem. All of this ultimately ensures optimized hardware and software integration, enhancing user experience and security.

Meanwhile, since 2019, new phones from Chinese tech giants like Huawei have been banned from entering the Google Play Store. To maintain its global market presence, the company has its own lineup of high-end smartphones and has developed its own operating system called HarmonyOS. This operating system is primarily based on the free Android Open Source Project (AOSP). However, such exclusions from Google Play could have security implications for end users.

Collective Security

In addition to the built-in security features of Android, users can benefit from enhanced security through the Google Play Store itself and its Play Protect safeguards, which are enabled by default. This officially recognized Android application environment is built into smartphones from manufacturers that comply with US and EU regulations. The store’s security is backed by the Google App Defense Alliance, established in November 2019, of which ESET is a member.

With over 2.6 million applications, theoretically, almost all apps could have hidden malicious “sleeper functions” during upload or receive malicious updates later, as demonstrated by recent findings like the Ahmyth malware discovered by ESET in August 2023. The Threatscape report from Google in August 2023 also highlighted a subsequent malicious update. When threats are discovered, operated by security-aware stores like Samsung Galaxy Store or even Google Play Store, quick action is taken to remove these apps.

Therefore, Android devices face risks from several major types of malware. These include banking trojans that steal login credentials and can even bypass two-factor authentication (2FA). Another threat is posed by Remote Access Trojans (RATs), which can monitor victims, receive direct commands from attackers, steal money, credentials, or data, hijack social media accounts, and record calls. Additionally, Android ransomware is often spread through insecure websites or malicious links in emails and messages. Ensuring protection against such risks is central to the alliance’s mission.

Security Concerns Us All

Most Android devices have manufacturer skins installed on top of the Android base system, providing access to Google Play. Some vendors have gained a foothold in the market with other AOSP-based operating systems, but their app stores and the apps offered within them haven’t undergone the scrutiny of the App Defense Alliance.

While using third-party app stores or other unreviewed sources may be tempting, as they may contain apps you might not find in mainstream stores or offer fully open-source (FOSS) alternatives that bypass region restrictions – or they are simply not created by tech giants you may not want to share data with – the risks from alternative apps and app stores are more likely to affect certain phone brands than others. This is especially worrisome for those who cannot access the real Google OS and app environment.