Compared to BlackBerry 7.0, iOS 5, and Windows Phone 7.5 – Android 2.3 got the lowest rating of 1.37, which refers to the OS average score based on several factors that Trend Micro considered including Built-in security, Application security, Authentication, Device wipe, Device firewall, Data protection, Device protection, Corporate managed email, ActiveSync support, Mobile device management, Virtualization, and Security certifications. Trend Micro selected Android 2.3 on its analysis over other versions of the OS since it’s the most dominant installed version across all devices in the market. The poor rating of Android is due to its market fragmentation issue, citing that even Android 4.x does include better security, most of the devices are still on Android 2.x and Google has no central means of providing OS updates.
“Android is currently the preferred platform by cybercriminals. With clever social engineering, they convince a victim to install a “useful” application. The user willingly gives permission, and bingo—the device is compromised. Premium SMS fraud Trojans are a costly reminder of unfriendly apps, but what is worse is the data exfiltration function of some of the digital nightmares—malware can copy SMS, intercept calls, remotely activate the microphone, or conduct other sinister tasks” the report says.
Trend Micro, together with other researchers from Altimeter Group and Bloor Research, praised RIM’s BlackBerry OS 7.0 for its corporate grade security. “BlackBerry devices, along with their back-end management through the BlackBerry Enterprise Server (BES) have been viewed by many as the bellwether for device security, with many endorsements and approvals of past versions of the OS bearing out that reputation.”