A test of Android antivirus apps highlights disastrous results: only 20 per cent of programs work as expected.

The best antivirus protection is still common sense: Do not run or open files that are not from reliable sources, nor open mail attachments that are not expected – even if they are from acquaintances because their email may be compromised. This advice is practically independent of the operating system or device.

Android is relatively safe in this respect, especially if you have not rooted your smartphone. It does not allow installation of apps (by default, the feature is turned off) that are not from the Google Play Store.

250 antivirus apps in the store analyzed

Nevertheless, there are tons of antivirus apps for Android in the Play Store – which are largely useless, according to a publication by AV-Comparatives. As AV-Comparatives has discovered in a large-scale test, only 50 out of 250 tested Android apps detected at least 90 per cent of the malware and virus samples correctly.

Some apps did not have updated antivirus definitions and blocked apps purely based on a list provided by the developer. These apps are just fake and pretending to be anti-virus. Some of the apps even had a scanning animation while nothing happens in the background creating an illusion that the app is looking for a virus.

For the test, the researchers fed around 2,000 of the most popular Android malware programs to Android devices while simulating realistic usage conditions on the test smartphones. The test devices were mainly smartphones including Android 8.0. For the apps incompatible with Android 8.0, Google Nexus 5 smartphones with Android 6.01 were used.

To test the reliability of each antivirus app, here are the steps they followed:

  • Opened the Chrome browser and downloaded the malware
  • Opened the malware file via the File Explorer
  • Installed the malware app on the smartphone
  • Launched the app

For a malware to be recognized as safe, the app had to inform the user during these four steps about the malicious nature of the file. As a control group for the 2,000 tested malware files, the researchers also used 100 clean files. A total of 23 of the 250 tested anti-malware apps achieved a recognition rate of 100 per cent, including, in particular, the applications of well-known developers such as Kaspersky, Sophos, McAfee, Avast, Avira and AVG.

80 apps achieved a quota of at least 30 per cent. While some of the unsafe apps detected few or no malware files, others led to various false positives. Some apps were based on a developer’s hard-coded WhiteList, where, for example, all file packages with the filename “com.adobe. *” Were considered “safe.”

Especially curious: some apps that work with the WhiteList system even blocked themselves because they were not included in the WhiteList file. If the user performs a scan for malware, some of these apps also display a progress bar – but this, in turn, has no actual meaningfulness and is merely a trick to give user a false sense of security.