When is a security app not a security app? AV-Comparatives answers this critical question in its latest test of over 200 Android antivirus apps. In a well-researched broadside against pseudo-Android security apps, the independent testing agency came up with basic criteria for establishing when a “security” app is really nothing of the kind.
Pseudo-security apps are not a small problem. AV-Comparatives’ interest in this theme was sparked by an Android app called Virus Shield which did no actual detection – but still managed to scam consumers into paying for the app. This year, AV-Comparatives took a comprehensive look at the apps on the market. They collected over 200 apps from the Google Play Store and then tested their detection capabilities with 2,000 known malicious APKs and 50 clean APKs.
The test should have been an easy challenge. But they were not.
The malicious APKs were known and AV-Comparatives established a very low minimum detection standard of 30%. As they also pointed out in their report, “detection rates of 90 – 100% should be easily achieved.”
Out of the 200+ “security” apps tested, only 85 had a detection rate of over 30% and no false positives. Even worse, only 56 apps managed to score above AV-Comparatives’ informal detection target of 90%. Avira Antivirus Security for Android blocked all 2.000 threats, scoring the perfect 100% detection rate with no false positives.
The steps of what a security app should not do – by AV-Comparatives
As an independent testing organization, AV-Comparatives took the unusual step of defining what a security app should NOT do as opposed to the usual testing perspective of just measuring the results. It is clear that they see this flood of ineffective “security” apps as a threat to the reputation of other Android antivirus apps. Here is their list of NOTS:
- An effective antivirus should NOT find less than 30% of malicious APKs in a test. After all, detection is the name of the game.
- An effective antivirus should NOT be getting fingered as a malicious or potentially unwanted software by other, more established security apps. That is just not a good reputation builder.
- An effective antivirus should NOT have a defective whitelist of safe apps. AV-Comparatives found many of the questionable apps came with a defective whitelist that either blocked excessively or could allow in deceptively named files.
- Developers should NOT plagiarize other security apps. Many of the questionable apps had only cosmetic differences from others, indicating that developers were copying others to get a quick, easy, and ineffective security app into the market.
When it comes to picking an Android security app, it’s a jungle out there. AV-Comparatives recommends avoiding the user ratings as most of these are based on the user experience and not the malware detection abilities. After all, those apps they tested all had a review score of 4 or higher on the Google Play Store. In addition, users should be highly skeptical of the download counter.
Just remember, when it comes to security apps – and many other things in life – reputation matters. So do results. And independent testers – especially when they exercise the ability to call a spade a spade – are incredibly valuable.