Cape Town - Google is focused on keeping its Android mobile operating system secure despite cyber criminals' attacks on the platform.
"We're committed to making Android a safe ecosystem for users and developers. That’s why we built Android the way we did - with multiple layers of security in the platform itself and in the services Google provides," wrote Adrian Ludwig, lead engineer for Android Security on the Google blog.
Security companies have long highlighted that Android's popularity makes it an ideal target for cyber crooks.
Kaspersky Lab found that a significant percentage of smartphone users do not even use a pass code to protect access to mobile devices.
"To make matters worse, globally 18% of unprotected Android-based smartphones contain precisely the information that attackers are most eager to find: PIN codes for bank cards, passwords to online banking systems and other financial data. 24% of them store passwords to social networks, personal and work e-mail, VPN (virtual proxy network) and other sensitive resources," Kaspersky said.
But Google said that it has been actively working to limit the ability of criminals to gain unauthorised access to Android smartphones.
"Android offers an application-focused platform security model rooted in a strong application sandbox. We also use data to improve security in near real time through a combination of reliable products and trusted services, like Google Play, and Verify Apps. And, because we are an open platform, third-party research and reports help make us stronger and users safer," said Ludwig.
According to research firm Gartner, Android has around an 85% market share and its popularity means that criminal organisations will increasingly target the devices with malware in order to gain valuable information.
"It is not surprising that mobile users are facing online threats more often now: Devices are capable of doing so much more, and many more people are using them, so of course they will attract fraudsters," said Victor Yablokov, head of Mobile Product Line at Kaspersky Lab.
Google advises Android users to download apps from its official Play Store. (Duncan Alfreds, Fin24)
And crooks have developed ingenious ways to target people, not just the mobile devices they use.
Dating apps have been identified as a useful way to target people who sign up to meet strangers rather than people they know on platforms like Facebook.
"With over 1 000 dating sites in South Africa, the potential for information to get into the wrong hands through an innocent romantic encounter, is real," said IBM which found that 60% of Android dating apps are vulnerable to attacks.
In addition, cyber criminals are able to exploit GPS location data which is commonly used by applications to match people with those close to them.
"IBM found that 73% of the 41 popular dating applications analysed have access to current and historical GPS location information. Hackers may capture your current and former GPS location details to find out where you live, work or spend most of your day," the company said.
But Google said that it performs rigorous testing of applications on the Play Store and conducts 200 million security scans of devices per day.
The search giant rejected the perception that Android smartphones are widely subject to malware infections, saying that small percentage of devices had a potentially harmful app installed.
"Fewer than 1% of Android devices had a Potentially Harmful App (PHA) installed in 2014. Fewer than 0.15% of devices that only install from Google Play had a PHA installed," Ludwig said.
He added that Google was working to build its reputation for being more strict about what it will allow on its Google Play platform.
"In 2015, we have already announced that we are being even more proactive in reviewing applications for all types of policy violations within Google Play. Outside of Google Play, we have also increased our efforts to enhance protections for specific higher-risk devices and regions."
- Follow Duncan on Twitter