AV-TEST discovered after a six-month test that Google Play Protect is inferior to at least 14 other antivirus applications available for Android. The built-in defense tool catches only two-thirds of malicious apps, necessitating the need for third-party security apps.
One of the most central Android security protections available today, the Google Play ProtectOpens a new window which is ingrained within all devices, is found to be shockingly ineffective against a host of threats. The findings were revealed when Magdeburg, Germany-based independent research institute AV-TESTOpens a new window shared the results of a six-month-long endurance test its researchers performed on 15 security apps.
All of these 15 apps are from reputed vendors and are designed to thwart malware, spyware, or any type of app or program that furtively engages in activities detrimental to the user. AV-TEST carried out the test from January to June 2021 wherein researchers discovered, to Android users’ dismay, that the Google Play Protect scored the lowest among all, and thus came in last.
This is not a good sign for Google’s own security offering, which is available for free across all Android devices. To say that Android users, all 2.8 billionOpens a new window of them representing 75% of the total smartphone users globally, and especially those that only rely on Google Play Protect would be disconcerted from the findings would be an understatement.
Google Play Protect
Play Protect was released in 2017 with its rollout dating exactly four years ago in July 2017. It is a built-in defense mechanism that was brought specifically to bust illicit activities of threat actors on Android devices through what Google calls potentially harmful applications (PHA). According to Google, Verify Apps service in Play Protect scans devices once every day, which amounts to 100 billionOpens a new window total applications scans performed in a single day.
Play Protect is essentially a virus scanner and is the primary shield when it comes to safeguarding against attacks or malicious invasions on Android. Not only does Play Protect scan apps from the Play Store, but it also scans third-party applications in the background.
Some would argue that the introduction of Play Protect is an expedient thing on part of the Mountain View-based Google. However, it certainly has proven its worth over the last few years considering fewer malicious apps manage to squeeze by its defenses. This is the reason why Play Protect’s abysmal performance up against some of the other renowned security service apps raises the question: is Google slipping?
See Also: 100 Million Android Users’ Data Exposed Due to Poor Cloud Security Practices by App Developers
The Android Security Apps Test
Besides the Play Protect service, the 14 other security apps included those from AhnLab, Avast, AVGOpens a new window , Avira, BitdefenderOpens a new window , F-Secure, G DATA, Google, Ikarus, KasperskyOpens a new window , McAfee, NortonLifeLock, Protected.netOpens a new window , securiON, and Trend MicroOpens a new window .
AV-TEST conducted three rounds of real-time testing. Each round included 3,000 malware apps that were fresh off the market. Apps were also tested with a reference set of 3,000 different infected apps that had been in circulation for almost four weeks. In total, 20,000 new malicious apps were used, half of which were newly discovered while the other half in distribution for around four weeks.
Application testing parameters included protection, ie., the ability to detect malice, performance, which is the processor load due to the app, the amount of data loaded in the background, its impact on the battery; and finally the app’s usability. Each parameter has a maximum score of 6 points.
Besides malicious apps, AV-TEST also included 10,000 clean apps from the Google Play Store and other sources to check if any of the apps raised false alarms.
AV-TEST’s Android Security Application Test Results
Well, we gave away the biggest spoiler earlier so let us have a look at how other apps fared.
Nine out of the 15 apps scored the highest possible points, viz., 18. These include those from AvastOpens a new window , AVG, Bitdefender, F-SecureOpens a new window , G DATA, Kaspersky, McAfeeOpens a new window , NortonLifeLock und Trend Micro.
Apps from Avira, Protected.net, securiON, and AhnLabOpens a new window scored between 17.8 to 17.1 points. Even Ikarus’ 16 points, the lowest of the 14 apps excluding Play Protect, dwarfed the score by Google’s Android-embedded security service, which is six points.
It is noteworthy that the six points that Play Protect scored came from the efficiency in its performance, an area where none of the other apps lost any points.
Opens a new window
Android Security Apps Endurance Test | Source: AV-TEST
When it came to raising false alarms, 11 apps from Avast, AVG, Avira, Bitdefender, F-Secure, G DATAOpens a new window , Kaspersky, McAfee, NortonLifeLockOpens a new window , Protected.net, and Trend Micro sailed through with flying colors, not to mention full six points. securiONOpens a new window and AhnLab inaccurately termed some of them malicious, hence the deduction of a fraction of a point. Ikarus performed poorly when compared to the ones stated above but did exceedingly well versus Google Play Protect, which designated clean apps as malicious 70 times.
Five (Bitdefender, G DATA, McAfee, NortonLifeLock, and Trend Micro) of the 15 apps tested managed to achieve a 100% strike rate against malicious apps, both in real-time as well as in the reference set. Apps from Avast, AVG, and Kaspersky also managed to catch all malicious apps from the reference set but made one minor error each in real-time testing.
Meanwhile, Avira, F-Secure, and AhnLab also made errors, but in both real-time and reference set testing. At the same time, protections from IkarusOpens a new window , Protected.netOpens a new window , and securiON were quite lower than others but significantly higher than Google Play Protect which only detected 68.8 percent in the real-time test and 76.6 percent in the test with the reference set.
Opens a new window
Malware Detection Rate of Android Security Apps | Source: AV-TEST
What this means is that Play Protect only detected roughly 13,000 to 13,500 malicious apps of the 20,000 fed to it. Basically, Play Protect is useless for all or one-third of all intents and purposes.
See Also: Google Finally Rolls Out an Update to Block Google Drive Spam
Closing Thoughts
Point of argument: Play Protect is free.
Counterpoint: So are most of the others and yet they’ve managed to outscore or level with every other security app. However, these apps do have in-app purchases for extended protection that they offer.
Regardless, these apps aren’t positioning themselves as the in-built protection for billions of Android devices. An unsuspecting user would even assume the efficacy of Play Protect, the most widely used security tool, to be at par with the options out there.
Thankfully, users only need to look at the remainder of apps on this list to protect themselves until Google upgrades Play Protect with a wider protection net.
Let us know if you enjoyed reading this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!