Mobile Security Report 2016 - AV
Anti-Virus Comparative
Mobile Security Review 2016
Language: English
September 2016
Last Revision: 25th September 2016
Mobile Security Review 2016
Table of Contents
Android Marshmallow
Security Features
Products tested
Protection against Android malware
Test Set & Test Results
Battery Drain Results
G Data
Kaspersky Lab
Trend Micro
Feature List
Copyright and Disclaimer
Mobile Security Review 2016
This report provides test reports and reviews of security products for smartphones running Google’s
Android operating system. All tests were run on Android 6.0.1, which is also known as Android
Marshmallow. We used the unmodified version of the operating system, as provided by Google, in
order to eliminate any problems due to modifications of the OS by e.g. third-party smartphone
Besides the review, which covers the user experience of the apps, comprehensive tests on malware
protection rates and battery consumption are provided. Additionally, a short table showing any antitheft functions included in the product is included at the end of each product report.
Many of the products reviewed and tested have components which are not security-related. The review
will focus on the security features – anti-malware, anti-theft and privacy – and only mention any
other functionality briefly. The structure of each product report is identical, allowing readers to
compare products easily.
The main purpose of a mobile security product is to protect users and their devices from potential
harm inflicted by malicious apps. Readers should note that recent Android versions incorporate some
basic anti-malware features. Google’s Safe Browsing API checks apps on installation, and protects
against malware and phishing links when the user is surfing the Internet with the Chrome browser.
Additionally, an anti-theft component in a security app could be used to retrieve a lost or stolen
phone, and/or prevent access to any personal data stored on the device. Basic anti-theft features
(lock, locate, wipe and alarm) are provided by recent versions of Android itself.
More details of the security measures in Android Marshmallow are provided in the next section.
Amongst other things, this report aims to help readers decide whether they would benefit from the
more comprehensive and sophisticated security features provided by a third-party security app.
On the following pages we provide a brief overview of the risks facing smartphone users from malware
and the loss or theft of their device, and discuss the benefits of security apps. We start by introducing
Android Marshmallow and its new permissions system, and mention the restrictions in the operating
system that security vendors have to deal with. After that we give a short summary of commonly
implemented security features and their main sub-components.
At the end of the introduction we summarise the participating security products and present the
results of the Malware and Battery Drain tests. Detailed reviews of the individual products follow, in
which we will shed light on the layout and usage of the features.
Mobile Security Review 2016
Android Marshmallow
Shortly after our last Mobile Review came out in September 2015, Android version
6.0 (also known as Android Marshmallow) was released. As shown in the graph
below1, it currently holds a market share of around 15 percent. The relatively
slow spread of the new version might be related to the fact that only a few
manufacturers provide operating-system updates for older phones, whilst
many distribute the latest Android version on only brand-new phones. We
decided to use Android 6.0.1 for this review, as it was the most recent version
that was available to test at the time. Android 7.0 was only released after the
editorial deadline.
Android Versions
Marshmallow (6.0)
Lollipop (5.0 - 5.1)
KitKat (4.4)
Jelly Bean (4.1.x - 4.3)
Ice Cream Sandwich (4.0.3 - 4.0.4)
Gingerbread (2.3.3 - 2.3.7)
Froyo (2.2)
The new permission-management system in Android 6 introduces
individual post-installation, run-time permission requests. An
app designed for the new system will ask for a specific permission
the first time it needs it. This gives the user the opportunity to
grant an app only the specific permissions which he/she wants it
to have. Apps which are designed for an older version of Android
will still ask for all-or-nothing permissions on installation. Even
though it may be possible to remove some individual permissions
from an app after it has been installed, the app is not guaranteed
to work properly if this is done, and might just fail completely
when attempting to perform an action for which permissions have
not been granted.
As seen in the screenshot on the right, single permissions for an
individual app can be manually granted or revoked from within
the Android app settings. Obviously revoking the Camera
permission from the Camera app will make the app useless. But
if the user were to do so, a well-implemented app would simply
request this specific permission the next time it was used.
Mobile Security Review 2016
Additionally, a small but relevant change for security apps was introduced with the new API level 23,
related to the account management. With the new API, apps can’t remove accounts (such as the main
Google account) from the phone. Only accounts which were created by the app itself can be removed.
Obviously such limitations can be regarded as enhancing the security of Android, as such potentially
destructive operations are denied by the system, but with previous Android versions this feature was
used to perform a data-only wipe by many security products. Such a wipe has the advantage that all
sensitive data can be removed from the phone without losing the ability to control the anti-theft
features provided by the installed security app. Without removing associated accounts from the phone,
emails and the Google Play Store might still be accessible.
It should be noted that all of this relates to a rather a theoretical problem. As mentioned in previous
reports, if a phone has been encrypted and set up properly with a lock screen, it is virtually impossible
for a thief to retrieve any data from it.
Mobile Security Review 2016
Security Features
In this section we give a short overview and discussion of common security-related components found
in security products for Google Android.
The most obvious component of a mobile security app is the malware scanner. It protects the user
against the inadvertent installation of malicious apps on his/her device. Similarly to antivirus
programs for Microsoft Windows, mobile security apps for Android use a number of different protection
components. An important feature is the real-time scanner which checks new apps during the setup
process. This prevents the device being compromised by the installation of a malicious program. Ondemand scanners scan the whole device for any malicious applications that are already installed, or
downloaded .APK files that have not yet been run. These might be found on the device’s internal
storage or an external SD card. As with Windows desktop security applications, keeping malware
definitions up to date is a critical factor in effective protection. Some vendors offer more frequent
updates with their paid “Pro” versions than with the corresponding free versions. We noticed that
many of the tested products offer a cloud-assisted malware scanner to ensure the app has access to
the very latest definitions.
A privacy advisor is included in many of the tested products. It also scans the installed apps, not for
malicious behaviour but for possible privacy violations. This means that apps are analyzed for
uncommon, unnecessary or inappropriate app permissions, such as access to contacts, GPS position
or the Internet, which could lead to the user’s private sphere being breached. Some security products
advise the user to uninstall any apps that are found to have given themselves such inappropriate
Some security products offer browser protection. This protects the user while surfing the Internet, by
preventing the user from inadvertently downloading malicious apps, or accessing phishing websites.
Some security apps offer support for a variety of different browsers, including those made by thirdparty app developers. In our opinion this is an important question, as many smartphone users like to
use their preferred browser on their smartphone. We noticed that some of the tested products only
offer support for the standard Android browser. In our opinion this is inadequate, as the stock browser
was removed from Android version 4.4 and there has not been a standard Android browser in the OS
versions that have appeared since then. The graph below shows the market share of mobile browsers
as at July 2016. The Android browser only has a share of 7.27%, with a decreasing trend. Please note
that Android 4.4, the first version not to have a standard browser integrated, first became available
at the end of October 2013.
Mobile Security Review 2016
Global market share mobile browsers 2009-2016
Market share
Jan Mai Sep Jan Mai Sep Jan Mai Sep Jan Mai Sep Jan Mai Sep Jan Mai Sep Jan Mai Sep Jan Mai
09 09 09 10 10 10 11 11 11 12 12 12 13 13 13 14 14 14 15 15 15 16 16
UC Browser*
IE Mobile
Samsung Internet
A major component in various security apps is the anti-theft module. It is designed to execute
commands on a device that has been lost or stolen. As mentioned in previous sections, Android 6
includes core anti-theft features, such as remote locking, location, wipe and an alarm sound. Many of
the security products we tested extend this base functionality with additional features such as taking
pictures of the thief, location tracking or automatic notification in the event of a SIM-card change.
The anti-theft components are controlled via a web interface or text-message commands. The latter
have the advantage that they work even if no internet connection is available, but they are less
convenient to use. If the Android OS is not appropriately configured by the user, text messages are
shown on the lock screen as notifications, and so texts containing e.g. the unlock code could be read
by a thief. With Android 4.4 and later, app developers are no longer able to programmatically delete
text messages as they arrive, and so cannot prevent the text messages used for their commands being
seen on the screen when they arrive.
Some manufactures get around this issue by providing a binary SMS function, which does not show
messages on the screen, in order to prevent this issue. This binary SMS system is generated by the
anti-theft app itself, meaning the same app has to be installed on the friend’s/relative’s phone used
to send the commands for the anti-theft functions.
Mobile Security Review 2016
Products tested
The products included in this year's test and review are listed below. The latest products2 were taken
from major app stores like Google Play at the time of the test (July 2016). After the product review,
manufacturers had the opportunity to fix any flaws we found. Any problems that have already been
solved are noted in the report.
Product Name
Ali Money Shield
AVL for Android
Mobile Security & Antivirus
AVG Antivirus Pro
Avira Antivirus Security
Baidu Mobile Guard
Mobile Security & Antivirus
Mobile Security & Antivirus
G Data
G DATA Internet Security
Kaspersky Lab
Kaspersky Internet Security
McAfee Mobile Security
Trend Micro
Mobile Security & Antivirus
To give you an easy overview on the features of a product we are introducing symbols like we are
already using on our website. At the beginning of every report you will find all these symbols either
orange which means the product includes such a feature or greyed out if it doesn’t.
includes a feature to scan against malicious apps
includes remote features in case the smartphone gets lost or stolen
includes a web filtering feature to block dangerous sites
App Audit
includes features to audit installed apps
includes features to block unwanted calls and/or SMS
includes a feature to backup files on the smartphone
A comprehensive overview of the mobile security products available on the market can be seen on our website:
Mobile Security Review 2016
The perfect mobile-security product does not yet exist. As with Windows products, we recommend
drawing up a short list after reading about the advantages and disadvantages of each product in our
review. A free trial version of each candidate product can then be installed and tested for a few days;
this should make the decision easier. Especially with Android security products, new versions with
improvements and new functions are constantly being released.
By participating in this test, the manufacturers have shown their commitment
to providing customers with quality security software. As this report shows,
we have found some degree of malfunction in some of the tested products.
The manufacturers of the affected products have taken these problems
seriously and are already working on solutions. As the core functions of all
the products we tested reached a very good level, we are happy to present
our "Approved Award" to all participating manufacturers.
Alibaba Ali Money Shield is an easy-to-use product, clearly focused on security and payment
Antiy AVL for Android accomplishes the basic tasks of an Antivirus app effectively, namely scanning
for malicious apps.
Avast Mobile Security & Antivirus provides well-implemented features for almost any use case.
AVG Antivirus Pro provides a feature-rich security app which in the free version also fulfils the basic
task of malware and theft protection.
Avira Antivirus Security provides a well-designed app which provides effective protection against
malware and theft.
Baidu Mobile Guard is an easy-to-use product with important security features like Wi-Fi check and
an AV scanner.
Bitdefender Mobile Security and Antivirus provides an easy-to-use product which offers great
protection against malware as well as anti-theft.
ESET Mobile Security & Antivirus is a well-developed security application for Android that concentrates
on its core features.
G Data Internet Security is a comprehensive mobile security application that offers lots of
functionality to premium subscribers.
Kaspersky Internet Security for Android is an easy-to-use mobile security app for users who want to
install a single application and have done with it.
McAfee Mobile Security provides a great security product with good malware detection and a
comprehensive anti-theft component.
Tencent WeSecure represents a basic, lightweight anti-virus application.
Trend Micro Mobile Security for Android is a comprehensive app that provides an advanced security
Mobile Security Review 2016
Protection against Android malware
Methods of attacking mobile devices are getting more and more sophisticated. Fraudulent applications
attempt to steal users’ data or money. To reduce the risk of this happening, follow the advice given
here. Only download apps from Google Play or reputable app makers‘ own stores. Avoid third-party
stores and sideloading3. Another indication of untrustworthy apps is irrelevant access rights. For
example, an app that measures the speed at which you are travelling has no need to access your phone
book or call log. Of course, even if an app does this, it is not a clear-cut indication that it is malicious,
but it makes sense to consider whether it is genuine and should be used. A look at the reviews in the
app store is also a guide; avoid apps with bad or dubious reviews. If you Root your smartphone, you
will have more functionality on the phone, but equally the opportunity for malicious apps to take
control will also increase. Another point to consider is the warranty. It is not legally clear-cut whether
the warranty is still valid if the phone is rooted. In many cases, the warranty will be considered null
and void.
How high is the risk of malware infection with an Android mobile phone?
This question is difficult to answer, as it depends on many different factors. In western countries, if
using only official stores such as Google Play, the risk is much lower than in many Asian countries,
especially China. Many rooted phones and unofficial app stores can be found there, increasing the
chance of installing a dangerous app. In many parts of Asia, the smartphone is used as a replacement
for the PC, and is frequently employed for online banking. Banking apps are also becoming more
popular in Europe and the USA. There is a high risk involved in receiving the TAN code on the same
phone that is used to carry out the subsequent money transfer. In western countries, assuming you
stick to official app stores and don’t root your phone, the risk is currently relatively low, in our opinion.
However, we must point out that “low risk”is not the same as “no risk”. In addition, the threat
situation can change quickly and dramatically. It is better to be ready for this, and to install security
software on your smartphone. Currently, we would say that protection against data loss in the event
of the phone being lost or stolen is more important than malware protection.
AVC UnDroid Analyser
At this point, we would like to introduce AVC UnDroid, our new
malware analysis tool, which is available free to users. It is a
static analysis system for detecting suspected Android malware
and adware and providing statistics about it. Users can upload
.apk files and see the results in various analysis mechanisms.
We invite readers to try it out:
- 10 -
Mobile Security Review 2016
Test Set & Test Results
The malware used in the test was collected by us in the last few weeks before the test. We used 3,729
malicious applications, to create a representative test set. So-called "potentially unwanted
applications” were not included. The security products were updated and tested on the 12th July 2016.
The test was conducted with an active Internet connection on genuine Android smartphones (no
emulators were used). The test set consisted exclusively of .APK files. An on-demand scan was
conducted first. After this, every undetected app was installed and launched. We did this to allow the
products to detect the malware using real-time protection. A false-positives test was also carried out.
The results can be seen below (sorted by Malware Protection and number of False Alarms).
Protection Rate
Protection Rate
False Positives
Mobile Protection Rates
False Positives
As can be seen above, the protection rates against real Android malware are very high. This might be
due to the increasingly aggressive detection by app reputation for apps that are not on Google Play,
but also because many of the participants in our test are leading mobile security vendors with good
protection rates.
Mobile Protection Rates
Bitdefender, Trend Micro
Kaspersky Lab, Tencent
G Data, ESET, McAfee
Protection Rate
False Positives
Avast has an option to report/detect apps which are not very widespread and are deemed as suspicious. With
this option, Avast would score 99.9% and have 37 FPs. Avast noted that that FPs would not be encountered if
apps were installed from well-known and reputable stores which they have whitelisted.
- 11 -
Mobile Security Review 2016
Battery Drain Results
As in our previous reports we measured the additional power consumption of an installed mobile
security product.
Testing the battery usage of a device might appear at first glance to be very straightforward. If one
goes into more detail, the difficulties become apparent. Particularly with mobile phones, the usage
patterns of different users are very varied. Some use the multimedia functions extensively, others view
a lot of documents, while some use only the telephone functions. We need to differentiate between
power users, who take advantage of all of the possible functions in the device, and traditional users
who merely make and receive phone calls.
The test determined the effect of the security software on battery use for the average user. The
following daily usage scenario was simulated:
• 30 minutes telephony
• 82 minutes looking at photos
• 45 minutes surfing the Internet with the Android browser
• 17 minutes watching YouTube videos with the YouTube app
• 13 minute watching videos saved on the phone itself
• 2 minutes sending and receiving mails with the Google Mail Client
• 1 minute opening locally saved documents
In our test, we found that most mobile security products have only a minor influence on battery life.
Battery Drain Results
G Data
Kaspersky Lab
Trend Micro
In general, we were able to give the tested security suites high marks. Three products in this year's
test showed a slightly increased battery drain: Kaspersky Lab, McAfee and Trend Micro.
- 12 -
Mobile Security Review 2016
Ali Money Shield
The Ali Money Shield is a free security product, which includes performance and various security
components, but clearly focuses on providing protection for users with a account.
In the initial setup the “Ali Installation license
and service agreement” is already marked as
accepted. After the user taps “Enter Money
Shield 5.0”, the user is directed to the main
program window. After each start, Ali Money
Shield automatically performs a quick security
check of the device.
In our test, the app successfully deleted all
contacts, the call log and all pictures.
Nevertheless, text messages were not deleted
as described, even after repeated attempts to
explicitly erase them. With the device’s frontfacing camera, the app successfully snapped
two pictures of the “thief”, and displayed these
within the web interface.
AV Scanner
Quick check-up
The AV Scanner is part of the Tool Box and by
default, performs a quick scan. In the scan
settings, the user can change the default scan
action to full system scan, and update the virus
definitions manually.
The quick check-up rates the phone’s security
status according to Alibaba’s scoring rules. The
result of the checkup is displayed on the main
program tab of the “Ali Money Shield”. Users
can earn additional health points by activating
their Taobao protection, conducting a deep AV
scan, and protecting themselves against
privacy and security risks from applications. On
the same tab we can see how many calls and
nuisance text messages have been processed
by the Ali app.
Theft protection
Only users with a Taobao account can use the
Ali theft protection feature. The Ali app
requests administrator permissions for the
device. Via the web interface,
the smartphone owner can sound an alert on a
misplaced device, locate it, or wipe personal
- 13 -
Mobile Security Review 2016
Tool Box
Task bar
Besides a file and memory clean-up, the tool
box provides the AV-Scanner, Payment Guard,
an app lock, a fraud blocker and a Wi-Fi
scanner. Additionally, the Ali theft protection
can be found here, which requires a Taobao
Via the Ali taskbar we have easy access to
smartphone tuning, a “safe” OCR scanner,
clean-up functions and a flashlight.
Furthermore, the number of nuisance calls/text
messages that have been intercepted by the Ali
app is displayed.
On the final tab, we find a feature to uninstall
applications, access the the Ali app store, and
Ali 110 to report to Taobao-related problems
such as hacked Taobao accounts.
The Ali spaceship
After installation of the Ali app, our test device
had a tiny circular object (“spaceship”) on one
side of the mobile desktop. After the user drags
this spaceship to middle of the screen, the
application performs a quick clean-up.
Fraud and Nuisance Blocker
Unsolicited sales calls are an irritating and
annoying interruption all Chinese smartphone
users have to cope with. In our test, the app
correctly marked mobile and landline phone
numbers that at the time of the review had
been used for unsolicited sales calls.
Ali Money Shield is an easy-to-use product,
clearly focused on security and payment
protection. We very much liked the simple
design, which is not overloaded with features.
My Safebox
deinstallation password to the theft-protection
Here users can add their Taobao account
numbers and identify themselves as the
rightful owner of the account. For
authentication, a text message is sent to the
mobile phone number that is registered with
the Taobao account.
Anti-Theft Details
Commands Web
Additional Features
Face Cam
Takes a photo of a potential thief
- 14 -
Mobile Security Review 2016
AVL for Android
AVL for Android is a security app that concentrates on malware-scanning features. This is also implied
by their slogan We focus on Antivirus Engine. Additionally, safe browsing and call-blocking features
are provided, please see details of these below.
apps for your reference, and provides a oneclick clean-up function to remove all the
malicious apps detected. In addition to
configuration options related to the scans, the
safe browsing and call-blocking features can be
found here. When we tested the safe browsing
feature, none of the tested malicious sites were
blocked. We note that the call-blocking feature
only worked with Chinese telephone numbers
in our test.
After installation, the app opens directly on
the home screen, no initial setup or acceptance
of terms and conditions is needed.
The app provides both custom and app-only
scans, which can be run manually. With the
former, options to scan the installed apps on
the mobile phone or the APK files on the SDCard are provided. Additionally, real-time scans
are run on any new apps when they are
installed. Scans already performed can be
viewed in the scan log, in which individual
results for each scanned file are listed.
AVL for Android accomplishes the basic tasks
of an Antivirus app effectively, namely
scanning for malicious apps. It also provides
abundant configuration options, which allow
the user to fine-tune the scan.
Scan options, like the usage of heuristics, can
be adjusted in the settings. The settings are
found under the menu button “Setup”. In
Settings, you can open or close any different
scan options depending on your own needs.
AVL for Android can output the fine-grained
scan reports about the malicious or suspicious
For users whose major concern is file scanning,
this app would easily be sufficient.
- 15 -
Mobile Security Review 2016
Avast Mobile Security
Avast is a comprehensive product which has always offered a great range of security features. The
version tested this year has brought some major changes and a completely new design. This also can
be seen in the version number; in our Mobile Test of 2015 we tested version 3.0, while this year we
already had version 5.2.0. Due to the many features available, Avast has made non-essential functions
into separate apps, so users can decide which features they want to install and use. Therefore, besides
the anti-theft feature (which because of security reasons has always been a separate app), the
following apps are provided by Avast but not covered by our test: Cleanup, Battery Saver, SecureLine
(VPN Service), Passwords (Password Manager), WiFi Finder
The main app provides the anti-virus function, app locking, call blocking, a privacy advisor, a Wi-Fispeed and security check, as well as a firewall. The latter is only relevant for users who have rooted
their phones.
A scan is responsible not only for file scanning
but also for checking for other potential risks
such as installation from unknown sources or
USB debugging being enabled. Advanced users
who have deliberately enabled such insecure
features can suppress their warnings easily.
After the installation, the EULA has to be
accepted, then the user is directed to the home
screen where a first scan is suggested.
Smart Scan
The main feature of the app is the smart scan.
customisations, and provides an easy one-click
experience. In the settings we only find
options to toggle the detection of PUA/PUP,
and warnings for apps with a poor reputation.
A scheduled scan can also be set.
- 16 -
Mobile Security Review 2016
App Locking
This feature comes as a separate app, which
can be controlled by text message or web
interface. The initial configuration sets up a
PIN code which locks the app and also is used
for SMS commands. Additionally, an account is
created which can be used to control the app
via the web control. To use commands like the
“audio record” the app has to be connected to
Google Drive to store the data. To hide the app
from a potential thief stealth mode can be
activated which hides the app shortcut in the
menu. The web commands are easy to use, with
a well-designed interface. As noted in the AntiTheft details section, for recording audio and
photos, the app needs to be linked with Google
Drive so it can upload the created files.
Unfortunately, there is no prompt for this in
the setup process of Anti-Theft, and therefore
it can easily be missed. If text-messages are
used to send anti-theft commands from e.g. a
friend’s phone, these ideally be sent from
another phone with the Avast app, as these will
not be shown anywhere. Avast inform us that
standard text messages can be used as well,
although we had difficulty finding this
It is easy to protect apps from unauthorized
usage with a PIN code. The protection works
fine, and Avast shows a lock screen every time
a protected app is used. In our test, we could
not uninstall the Avast app via the Android
settings, but we were able to remove it by
dragging its icon on the home screen, which
obviously removes all its protection features.
Privacy Advisor
The privacy advisor lists installed apps and
shows the permissions each one has, as well as
ad networks used.
Avast provides well-implemented features for
almost any use case. Its well-designed Smart
Scan and the additional Anti-Theft App provide
a great user experience for these core features.
Uninstall protection for the App-Lock app
itself, and accepting standard text messages
for anti-theft functions, would be useful
Wi-Fi Check
This tool checks available Wi-Fi networks for
threats and establishes if it is safe to use them.
This is done by checking things like the
encryption used. After such a test has been
run, it is also possible to check the connection
Call Blocking
The call blocking feature is implemented as a
simple “blacklist” but when using the rule “All
unknown numbers” it is effectively whitelisting
known numbers. In our test this feature worked
as expected, and managed to supress an
incoming call. On our test system, the phone
rang once before the call was blocked; Avast
inform us that this only happens with some
(older) mobile phones.
- 17 -
Mobile Security Review 2016
Anti-Theft Details
Commands Web
Locate / Track
Mark as Lost
Launch Anti-Theft
Record Audio
Take Picture
Get data
Initiate Call
Show Message
Mark as Lost/Found
Displayed on Google Maps Map
Triggers configured actions like tracking, lock, siren, …
Allows to forward all incoming calls and SMS to a given number.
Opens Anti-Theft user interface on device
Records audio for a predefined duration of 1-5 minutes, needs enabled
Google Drive
Takes a picture with the front or back camera. Optional: The camera is
triggered when the screen is turned on. Needs enabled Google Drive
Allows to fetch data (calls, SMS, contacts) from the device. We found it quite
hard to find the fetched data.
Allows to call a given (in web interface) phone number
Allows to send a single message, which is shown as popup
Commands SMS
As already mentioned SMS commands are set from within the Avast app. This
enables the usage of binary SMS which can’t be read on the receiving phone.
To get SMS answers from the receiving phone SMS responses have to be
explicitly activated. In our test all commands worked as expected only the
locate command works in an unexpected way. The behaviour of the locate
command is strange, the evaluated location will not be sent back to the
phone who triggered the call but rather sent it to a set “friends” number
which can be set in the advanced settings.
Additional Features
SIM Change Protection
Sets the phone status too lost
- 18 -
Mobile Security Review 2016
AVG Antivirus PRO
AVG provides a comprehensive app with a clear and easy to use design. It comes in a free and a Pro
version, whereby the Pro version enables “Camera Trap”, “Device Lock” (on sim replace), “App Lock”
and “App Backup”. Additionally, advertisements are removed in the Pro version.
In the scan settings we can also find the Safe
Web Surfing component which protects us from
threats like phishing. However, in our test we
couldn’t provoke even a single detection using
Google Chrome. As mentioned in our
introduction, this is unacceptable, considering
the default Android browser was removed from
Android in version 4.4 (KitKat) which was
released in late 2013.
The app starts up to a clean home screen from
where the main components of the app can be
reached. A green circle shows that everything
is in order, and no threats have been detected.
On the first start this circle flashes up orange,
which indicates that a first scan should be
started. A scan can be started by pressing this
circle. In the event of a threat, the circle
changes its colour accordingly. A red circle
indicates unsafe files like malware found, and
an orange one unsafe settings like an enabled
debug mode.
The Anti-Theft component can be handled via
a decent web interface or text message. In our
test, all the commands worked as expected. To
perform a factory reset when wiping the phone,
the app has to be made a device administrator.
If this has not been done, AVG tries to delete
data without a factory reset. In our test, only
files on the internal storage and the call log
where deleted. Data like the text-message
Logs, Browser History and our logged in
Accounts were not wiped.
As mentioned above, a simple scan can be
started directly from the home screen. If
threats have been found, we can see the scan
logs by pressing on the button again. In the
protection menu we can find the settings for
the scan, a file scanner and a list with ignored
threats. A manual update can also be triggered
from here.
- 19 -
Mobile Security Review 2016
Battery Usage
This component offers app locking, call
blocking and an app backup, which simply
saves the Android installation files to the SD
card. Additionally, it offers Wipe by Category,
which lets you wipe your contacts and/or call
logs. These components seem to work
conveniently, with exception of the call blocker
which lacks usability and blocking options.
This component monitors the battery usage of
the phone. It is possible to set a battery level
at which the user should be warned, as well as
one where the phone should go in powersaving mode. This mode will disable features
like Bluetooth and Wi-Fi to save battery.
Task Killer
Task Killer shows all currently running apps. It
is possible to kill each of them separately or all
at once.
This component provides tools to monitor data,
storage and battery usage and provides some
optimisations for these.
AVG provides a feature-rich security app which
in the free version also fulfils the basic task of
malware and theft protection. The Pro version
impressed us with additional security features
like the device lock on SIM replacement.
App Lock
Here one has the possibility to protect
sensitive apps with a password. AVG helps by
suggesting sensitive apps which should be
This provides an encrypted space to store
Anti-Theft Details
Commands Web
Plays the devices ringtone, which can be stopped on the phone
Displayed on Google Maps Map
Locks device with a definable 4-digit PIN, a custom message can be
Unlocks a phone locked by AVG
Security PIN
Changes the PIN which is used for SMS commands and to lock your
Commands SMS
If SMS are used because there is not internet connection available on
the phone, pressing the “Forgot Password” option buts the lock screen
in bugged state
Additional Features
Camera Trap
SIM Protection
Locks your phone if the SIM is replaced
- 20 -
Mobile Security Review 2016
Avira Antivirus Security
Avira provides a comprehensive product which is available in a free and a Pro version. The core features
of Avira are the malware protection as well as the Anti-Theft component. Additionally, Avira
SafeSearch, Identity Safeguard, a blacklist for unwanted calls and a Privacy Advisor are provided. The
Pro version enables Secure Browsing as well as more frequent antivirus database updates. Avira
Optimizer and App Lock are offered as separate apps.
In the Pro version the user is additionally
protected with secure browsing, which warns of
harmful sites such as malware and phishing
On the first start, on is guided through a
welcome tour, which introduces the
components of the app. After that we are
prompted to register or log in to the app
followed by an initial malware scan of the
phone. To login we can use either a Facebook
or Google Account or create an own Avira
The virus database is updated automatically
whereby Pro users get them more frequently.
The Anti-Theft component offers web control
but no text-message control. The commands all
worked as expected and we were not able to
bypass the Avira lock screen.
The Antivirus component offers a one-click
experience, whereby advanced users can
configure the scan in the settings. It is
possible to optionally scan for adware, PUAs
and riskware, and choose if apps and/or files
should be scanned. Additionally, a scan can be
triggered whenever storage is mounted or a
USB cable is unplugged. A scan scheduler is
also offered which lets you set automatic scans
at specific times.
The Wipe function offers the three options
Storage, SIM Card and Factory Reset as shown
in the following picture:
- 21 -
Mobile Security Review 2016
SafeSearch” (a widget that enables searching
via Avira’s own search engine), “Identity
Safeguard”, which looks up databases of email
addresses known to be compromised, and
“Privacy Advisor”, which rates the privacy risk
of apps according to their permissions.
In addition to those features directly
integrated into the app, two separate apps
offered by Avira, namely “App Lock” and “Avira
Optimizer”, can be installed. The first provides
password protection for apps, while the later
tries to optimize your phone’s storage and
Storage and Factory Rest worked as expected
but we were able to restore the data on the SD
card with a common recovery tool. In our tests
we were not able to delete data stored on the
SIM card. To be fair, it has to be mentioned
that it is not that easy to write to a SIM card
in the first place. Recent Android versions
simply don’t offer the option to store contacts
or SMS on the SIM card anymore. Therefore,
deleting SIM cards is not a big issue nowadays.
Avira provides a well-designed app which
provides effective protection against malware
and theft. The latter relies on web commands,
and we feel additional text-message commands
would be a nice addition. The execution of the
Wipe command is a bit confusing, and users
who are not willing to experiment with the
different options might not get the expected
Additional Features
In addition to the core features, Avira provides
a Blacklist to block unwanted calls, “Avira
Anti-Theft Details
Commands Web
Displayed on Google Maps Map
Play Sound
Plays a sound for 20 seconds.
Lock Your Device
The phone will be locked with a new PIN defined in the web interface.
Additionally, a message and a contact number can be displayed.
Device Report
Gives you available information of your Phone like IMEI and device
SD-Card data is restorable. SIM-Card wipe not working.
- 22 -
Mobile Security Review 2016
Baidu Mobile Guard
Baidu Mobile Guard is a free security product, which offers many functions including mobile tuning,
protection against security and privacy risks, mobile payment protection and a family guard function.
Security Protection
The installation process creates a Payment Safe
icon on the home screen of the smartphone.
Within the Payment Safe component we find
the ride-sharing app Didi Chuxing, which is
installed on our test device, marked as already
protected. After the user tabs “Enter Guard”,
the user is directed to the main program tab.
The current Baidu app offers a whole set of
functions to protect the user from various
security threats. After each tap, the app carries
out an automatic security check. From within
the security tab, we can scan the device for
malicious apps, check the safety of our Wi-Fi,
scan for system vulnerabilities and test the
safety of the payment environment.
AV Scanner
Frequently used functions
An AV scan starts automatically, and after the
scan is finished, we can access the scan
settings in the result tab. Cloud scan is
activated by default and all app installations
are automatically checked. We can start a full
scan manually and we can allow Baidu to
upload unknown samples when our device is
connected to Wi-Fi.
On this tab, Baidu offers smartphone speedup,
trash cleaning, security protection, a family
guardian, an app store and app management.
Initial check-up
The user sees in the center of the tab a circular
display showing the current health of the
mobile device. When the user taps the display,
the app removes system trash, ends processes,
analyses apps and activates various protection
features such as text-message fraud protection,
telephone fraud protection, and a test of the
network environment.
- 23 -
Mobile Security Review 2016
After our check-up, the mobile phone speedup
found no further way to speed up the system.
Nevertheless, the trash removal function found
20.4 MB of system cache, leftovers from APP
deinstallations and app installation packages.
The Baidu Mobile Guard reported the detection
of leftovers of LeTv Sports, an app that we had
not installed on our test device.
text-message feature that asks to take over as
the default text-message app on our
smartphone, and permission management that
needs to be installed in the form of separate
app. Non-security features include a general
app store and a Wi-Fi management tool.
Finally, Baidu offers its users a feature to root
the smartphone, and a shortcut for installing
Baidu Search.
Family Assistance
Fraud and Nuisance Blocker
Baidu Mobile Guard offers an Assistance
function for older, perhaps less smartphoneliterate family members. To become an Assisted
Person, a user has to install the Baidu Mobile
Guard or accept an invitation by text-message
from the Assistant to install the app. After the
Assisted Person has approved the Assistant,
he/she can contact him/her with a single tap
on the tiny phone icon next to the Assistant’s
phone number. The Assistant can connect to
the Assisted Person’s phone and conduct
remote tuning operations such as trash removal
and checking for phone calls and text messages
blocked by this app. The remote check of the
data volume and mobile phone balance also
worked in our test. Our test Assisted Person was
informed by the app of our check. Locating our
Assisted Person’s phone also worked as
Unsolicited sales calls are an annoying
interruption all Chinese smartphone users have
to cope with. In our test, the app correctly
marked mobile and fixed-line phone numbers
that at the time of the review were being used
for unsolicited sales calls.
Mobile Speedup and Trash Removal
App Management
On the application management tab, Baidu
provides app management functions such as
deinstallation, app update and moving apps to
a SD card. On the same tab, there is access to
a Baidu app store and to two games.
Baidu Mobile Guard is an easy-to-use product
with important security features like Wi-Fi
check and an AV scanner. The Assistance
feature is new and unique. Enlarging its
contact button and making it more clearly
visible would further improve its usability for
elderly or less smartphone-literate users. We
recommend adding a full theft-protection
feature, as the danger of unauthorized access
to private information on stolen or mislaid
mobile devices should not be underestimated.
Treasure Box
Users can access a variety of features via this
tab. Baidu offers security and privacy-related
functions such as antivirus, a disturbance
blocker and a lock that controls app access with
a gesture password. We also found a secure
- 24 -
Mobile Security Review 2016
Bitdefender Security and Antivirus
Bitdefender Security and Antivirus is a well-engineered paid product which can be purchased for €9.95
per year. In addition to malware protection and an anti-theft component, the app provides a privacy
advisor, web protection, and an app-lock app.
During the installation process, the user has to
log in with a Google or Bitdefender Account.
Sending anonymous statistics is an opt-out.
After accepting the EULA, a 15-day trial period
starts. Bitdefender recommends running an
initial malware scan.
To fully activate this component, the app has
to be set as a device administrator. The user
has to set a 4 to 8-digit pin to prevent
unauthorized access to the device. During
setup, the phone number of a trusted friend,
who will be notified if the SIM card is replaced,
has to be entered. Furthermore, this is the one
and only number which is allowed to send wipe
commands via text message. The anti-theft
component can be controlled using textmessage commands, as well as with a welldesigned control panel via the Internet.
Malware Scanner
The malware scanner checks if the device is
infected with any kind of malicious software.
There are not many options available. The user
can only decide if the storage is scanned, and
toggle the real-time protection Autopilot
on/off. Furthermore, the in-the-cloud detection
feature can be toggled. If it is enabled, suspect
apps can be uploaded for further
investigations. We liked the fact that malware
scans can be triggered from the web-based
control panel. This interface also displays the
scan results of previous scans.
Privacy Advisor
The privacy advisor queries Bitdefender’s cloud
service (which took some time in our test) to
check the permissions of all installed apps on
the device. Bitdefender rates the privacy in
points. We got 58 points on our test device.
Bitdefender gives a short introduction to the
scoring, and states that lower scores are better,
but does not state upper or lower boundaries
- 25 -
Mobile Security Review 2016
or give a hint as to what an average score
would be. Bitdefender tell us that they are
considering how to make this clearer. However,
we liked the fact that all permissions can be
viewed for each installed app. Bitdefender
gives a short explanation for each permission.
The component allows the user to protect
installed apps with the predefined Bitdefender
PIN. The function “Snap Photo” can optionally
be used to take pictures with the device’s front
camera whenever 3 incorrect PIN entries are
made. Additionally, it is possible to disable the
function if the device is connected to a
predefined Wi-Fi (secure environment). The
component worked properly in our tests.
Web Security
This feature protects the user while browsing
the web and works with the stock Android
browser, Chrome and Firefox. Bitdefender
states that it protects the user from malware,
phishing and other fraudulent content.
Bitdefender uses its own cloud service for
decision-making. In our quick test this
component worked as expected.
Bitdefender provides an easy-to-use product
which offers great protection against malware
as well as anti-theft. In our tests all features
worked as expected, but please see note on
lock function in the table below. As mentioned
in the anti-theft details Bitdefender has to at
least warn the user about the issue or provide
a better solution.
App Lock
To use this feature, Bitdefender has to be
enabled in the menu “Apps with usage access”.
Anti-Theft Details
Commands Web
Displayed on Google Maps Map
Send Message
Message can be displayed on screen. Optional: Alarm sound
Lock Device
Locks the device with the Android lock screen. The PIN is set in the
web interface
Wipe Device
Factory Reset
Commands SMS
Link to Google Maps is sent
The lock screen uses the PIN which is sent in the text message. If
notifications are shown when the device is locked a thief will see the
PIN in the SMS notification. Bitdefender should at least advise the
user to disable notifications to prevent this issue. Bitdefender tell us
that they will deal with this issue in a future update.
Factory Reset, Number allowed to wipe must start with +xx to work
Call is not hidden and speaker is not muted
Sends the usable commands
Additional Features
SIM change protection
- 26 -
Mobile Security Review 2016
ESET Mobile Security & Antivirus
ESET Mobile Security & Antivirus is a straightforward security application for Android smartphones. At
the moment, a premium license for one year costs €9.99. Among the features available only to premium
users are anti-theft, automatic updating of the threat database, SIM Guard, SMS & call filter and
scheduled scans.
aforementioned file types on external storages
like SD cards. A third option named Deep Scan
checks every file on both internal and external
memory, and is therefore the most time
consuming mode. In the event of a detection a
detailed description of the threat family, and
assessment of its risk level, are provided. This
could allow expert users to make their own
decisions if they want to. Users can also choose
in the application settings the server from
which the signature updates are downloaded.
Besides the default server, the application
offers updates from a pre-release server. Realtime protection, which automatically scans
files the device interacts with, can be toggled,
as can scheduled scans. It is also possible for
users to decide if they want the Anti-Virus to
detect potentially unwanted applications (such
as adware) and potentially unsafe applications.
On first start-up users have to accept the
license agreements and select their preferred
language and current country. Furthermore,
users have to decide whether they want to
participate in ESET Live Grid (a feature that
collects data, and surveys installed
applications using an online database), and if
potentially unwanted applications (PUAs)
should be detected. No registration is required
since the application uses the Google account
set up on the device. New users can try the
app’s premium features free for 30 days.
For antivirus scans, three different modes are
at hand. Quick mode checks all installed
applications and .dex (executable), .so (library)
and .zip archive files on the phone’s own
storage only.
- 27 -
Mobile Security Review 2016
Security Audit
The application’s Anti-Theft feature requires
some preparation before it is ready to use.
Setting a password, which is needed to access
the Anti-Theft settings in the future and to
unlock the phone in case of loss, is mandatory.
The app also requires device admin rights to
enable uninstall protection. Users can
authorize their current SIM card in the app’s
SIM-Guard feature which automatically locks
the device if an unauthorized SIM card is
With a feature called Security Audit, users can
monitor important device configurations
within the application. The audit is split into
device monitoring, which concentrates on
system setting, and an application audit that
shows granted app permissions.
If some feature appears not to function
properly, or its purpose is not clear, the user
can look it up in the application’s help pages.
They are available via a question-mark button
on the top bar of the app.
ESET provides a web interface for remote
control, which requires a separate user
account. When connection to the web interface
is enabled, the application automatically goes
into a proactive protection mode. On detection
of suspicious activity, such as entering an
invalid unlock code multiple times, the
application will lock the device, track its
movement and take pictures regularly.
ESET Mobile Security & Antivirus is a welldeveloped security application for Android that
concentrates on its core features. It is simply
structured, easy to use and offers in-app help
pages that leave few questions unanswered.
Apart from the anti-phishing feature, which did
not function at all, the application worked
flawlessly and can be recommended to users
who like to keep it simple.
The application also rates the optimization
level of the device when connected to the web
interface and suggests improvements of device
configuration that enhance Anti-Theft
SMS & Call Filter
With these feature users are able to block
incoming and outgoing calls using black/whitelisting. When using Android 4.4 or
higher the application notifies the user that
SMS can’t be blocked.
This feature did not work in our testing
environment. The app itself states that some
browsers might not be supported. During our
tests, none of the commonly used browsers
functioned with the feature. ESET inform us
that this problem is specific to Android version
6.x and they will fix it in a future update.
- 28 -
Mobile Security Review 2016
Anti-Theft Details
Locate / Track
Commands Web
Displayed on Google Maps Map
Mark as Lost
Triggers device lock, automatically tracks phone position and takes
Download activity
Deleted data from the SD card could easily be restored; ESET tell us this
only affects some devices and they are working on a fix.
All the taken pictures and locations can be downloaded as a ZIP archive
Allows user to send a single message, which is shown as pop-up
Automatically locked when marked as lost
Commands SMS
As for web Wipe command
Additional Features
SIM Guard
Locks the device if device administrator rights are removed from the app
- 29 -
Mobile Security Review 2016
G Data
Internet Security
Internet Security from G Data is an application for Android Smartphones that not only provides
malware protection but also gives the user various other tools related to mobile security. Its features
include theft protection, parental control, phishing protection, call filters and app management. The
app is also available as a free version, though most of its features are only useable with a premium
On first start-up, Internet Security requests
multiple permissions along, with a popup
message explaining why they are needed. To
use the app, the user has to log in or create a
new account. Currently a 30-day trial period of
a Pro subscription is offered to new users. In
order to start the application, the user has to
accept the license agreements.
Before using theft protection features of G Data
Internet Security the user has to set a numeric
password for text-message commands in the
Lost/Stolen configurations. Optionally a
reference email address, to which answers to
SMS commands will be sent, can be entered, as
well as a telephone number from which the
previously chosen password can be changed
remotely. To work properly, the application
also needs device-administrator rights. The
users’ device can be auto located when its
battery runs low, which can be useful if you
lose your phone when it is already short on
power. Another feature of Anti-Theft is the
option to sound an alarm when the headphones
are unplugged. This may be useful e.g. as a
quick and easy means of sounding an alarm in
an emergency.
When using the scan utilities, the user can
choose to scan only installed applications or
the whole system. Other app features are
usable during the virus check; the current
progress can be seen in the Security Center. The
available scan settings include the option to
run a scan on newly installed apps, and
scheduling periodic application or full system
scans in predefined intervals. The user can
choose to run scans only when recharging or
when using a battery-safe mode.
- 30 -
Mobile Security Review 2016
Additionally, to the SMS commands, G Data
offers a Web interface from which users can
control their devices remotely. To get access to
the Action Center the user has to register a new
account first. Authentication with an existing
Internet Security account is not possible.
Call Filter
This feature is supposed to block incoming or
outgoing calls and texts (the latter not
available on Android 4.4 or higher) in a userdefined time period. It is possible to combine
contacts into groups and apply filters on them.
The application offers an option to block
anonymous numbers, but we were not able to
make this work in our test scenario.
Internet Security offers real-time web
protection against phishing threats for mobile
browsers. To use secure browsing, the user has
to enable the feature in the settings. When
trying to open a phishing site, the browser
displays a warning page.
Hide Contacts
If you don’t want others to see some of your
phone contacts for whatever reason, you can
add them to a feature called “hide contacts”
and they will disappear from your contact list.
All further communication should only be seen
in the Internet Security application. This
feature did not work for the contact-related
messages in our testing environment, however.
The application provides a permission
management tool where either apps by
permission, or vice versa, can be listed. It is
also possible to remove those apps and add
them to app protection.
G Data Internet Security is a comprehensive
mobile security application that offers lots of
functionality to premium subscribers. Most
functions, especially its core features, worked
as expected and are well implemented. Some
minor components are rather inconvenient to
App protection
This feature password-protects selected
applications and restricts access to authorized
users only. Before app protection is ready to
use, it has to be enabled in the settings, and a
password needs to be chosen. To protect
applications, the user has to hit the Add button
and select the desired apps from a list.
Parental Control
Internet Security contains a comprehensive
parental control feature which allows to define
phone usage restrictions regarding time, a set
of appropriate applications, web browsing
restrictions and pre-set system settings.
Panic Buttons
A panic button can be added as a widget to the
home screen. In the process of setting up the
button the user can decide which actions it
may cause. Available possibilities are an
emergency call to a contact from your phone,
sending your current location via Email and
SMS and sending an Email or SMS with
predefined content.
- 31 -
Mobile Security Review 2016
Anti-Theft Details
Commands Web
Tone not really alarming.
Trigger signal tone
Mute device
Delete personal data
Full factory reset. SD card data can be restored.
Lock screen
Locks the phone.
Set lock screen
Locate device
Shown on a Google map.
Commands SMS
Ring alarm tone.
Locate fine
Provides exact location. Can take longer.
Full factory reset. SD card data can be restored.
Set device password
Remote password reset
Unset Anti-Theft password. Only works if sent from a predefined phone
- 32 -
Mobile Security Review 2016
Kaspersky Lab
Antivirus & Security
Kaspersky Internet Security for Android is a mobile anti-virus application that also includes anti-theft
features and call/message blocking in the free version. A premium license is available for €10.95 per
year and extends the app’s functionality with real-time protection, anti-phishing features, and contact
every type of file scanned, or only android apps
and archives.
After successful installation, the application
needs configuration in order to function
correctly. Users have to grant some mandatory
permissions along with the selection of a
country, accepting the license agreement and
running an initial scan. Afterwards the
application is ready to use.
By default, the application tries to disinfect
threats detected in any kind of scan. If
neutralization fails, the infected files are
silently moved to quarantine by default. The
quarantine list and the setting the default
action for disinfection failure are quite difficult
to find. Available actions include moving files
to quarantine, deleting or skipping them, or
prompting the user to make a decision. The
default action for extended Real-time
Protection can be set independently.
Users can also decide if they want to be
protected against potentially unwanted
applications (PUAs) and if all files or only
archives and applications should be scanned.
Kaspersky offers 3 different scan modes
including quick scan (installed applications
only), full scan (entire device) and scanning a
specific directory. Scans can be run manually
or prescheduled in a customizable interval.
Kaspersky also offers a feature called Real-time
Protection, which automatically scans files the
user interacts with, and is available in two
modes. Recommended Mode checks installed
apps only and monitors the download folder.
Extended Mode monitors all the user’s file
activity. Users can decide whether they want
Anti-Theft configuration requires some device
permissions, setting a secret numeric code, and
- 33 -
Mobile Security Review 2016
device admin rights. Through this feature,
Kaspersky offers remote control of the device.
The feature involves remote device control, a
SIM guard, uninstall protection and a web
interface. Remote control from other devices is
only possible if the counterpart has the
application installed. SIM cards could be
exchanged at will without the device being
locked. Uninstall protection works well, users
can who want to remove the application have
to do this from the app settings and enter the
user’s secret code first. Configuration of AntiTheft settings can be rather annoying since
users are always redirected to the start page of
the application when pressing the back button.
Kaspersky Lab informed us, that the point has
been fixed since version of the
Call & Text filter
Kaspersky’s Call Block restricts communication
using black- and whitelisting. Users can add
numbers to these lists manually or from the
call/message log. The filter rules available are
rather limited. Users can either block all
contacts from the blacklist, allow only numbers
from the whitelist or block all unknown
numbers. Call & Text Filter also offers the
option to block non-numeric numbers.
Kaspersky Internet Security for Android is an
easy-to-use mobile security app for users who
want to install a single application and have
done with it. The user interface is simply
structured but some specific settings are
somewhat hidden.
The application includes a real-time antiphishing feature called Web Protection. It
protects the user against phishing threats and
other malicious content. Users have to enable
Web Protection in the application settings
before they can surf the web safely. Kaspersky
also offers Anti-Phishing protection for text
messages, which scans incoming messages for
dangerous links.
Privacy Protection
Using Kaspersky Internet Security for Android,
it is possible to hide sensitive contact data and
conversation history. If users add contacts to a
feature called Privacy Protection it is possible
to hide data associated with those contacts
using a toggle. Contacts can also be hidden
using a text-message command or the web
- 34 -
Mobile Security Review 2016
Anti-Theft Details
Lock & Locate
Commands Web
Displayed on Google Maps Map
Takes several pictures
Wipe All Data
Wipe Personal Data
Hide data
Factory resets the phone; SD card is not wiped
As mentioned in the overall report, newer Android versions
prevent some data, such as the Google account, from being
deleted by any third-party app.
Hides contacts listed as sensitive in the privacy protection feature
Text-message commands
Data Wipe
As Wipe All Data
Full reset
As Wipe Personal Data
SIM Watch
Uninstall Protection
Hides contact. Reception of command has to be enabled in
privacy protection settings.
Additional Features
If the SIM card gets replaced, the owner will be informed by a
text message to a predefined number. Additionally, the phone
can be locked.
- 35 -
Mobile Security Review 2016
McAfee Mobile Security
McAfee offers a security product which in addition to malware protection and theft-protection also
includes backups, a privacy advisor as well as a battery optimizer. The app comes in a free and a
premium version, whereby the premium version is ad-free and provides 2GB of cloud space to backup
photos and videos and gives access to the McAfee’s premium phone support service.
Under an additional section called Web
Security are the phishing and malware
protection for the browser. This component
also checks for risky Wi-Fi connections.
After the installation the app has to be
authorized to access the list of installed apps,
and the EULA and Privacy Notice have to be
accepted. After that an initial configuration is
run by McAfee, and the user is asked to turn on
the security features by activating the McAfee’s
accessibility service.
Find Device
When launching this component for the first
time, an initial setup has to be run in order to
connect to the web interface. Therefore, a
McAfee account has to be created and the
necessary permissions have to be granted.
Anti-Theft commands can be sent via text
messages and a neat web interface. The web
interface is basically divided into two parts,
which is a bit confusing. There is the modern
“Find Device” too, which one is directed to
when logging in, and the legacy “My Device”.
The anti-theft commands can be sent from
both, but only the latter provides access to
backup data. The old site is not so easy to find,
especially as one does not even expect it to be
Security scan
In the security scan window, users are able to
start a scan with the pre-defined settings, or
update the virus definitions. In the settings
there is a way to modify the auto-scan settings,
which include toggling real-time scanning,
setting a scheduled scan and toggling
automatic updates. Additionally, in the scan
options the user can decide what should be
scanned. This includes apps, potentially
unwanted software (PUA), text messages and
files. It is also possible to toggle notifications
about malicious apps and files.
- 36 -
Mobile Security Review 2016
The Privacy component is responsible for
multiple features. It includes a simple app
check (which shows access to private data for
certain apps), a call blocker, an app locker, and
profiles (which can be used to restrict the apps
usable by specific users).
The Backup component can save private data
(text messages, call logs, and contacts) to the
cloud and also makes it possible to restore this
data. In the pro version the backup of media
files is also possible. It is possible to activate
automatic backups or to be notified when there
is a new contact to be backed up.
Battery Optimizer
This component is responsible for the speedup
tools in the app. One can find an “Extend
Battery” function (which turns off some powerintensive setting like Bluetooth), a memory
cleaner which kills running tasks, as well as a
storage cleaner which can clean the storage
from unwanted data like cache files. A data
monitor can also be found in this component.
McAfee provides a great security product with
good malware detection and a comprehensive
component can be operated via text messages
or a good, neat web interface. As already
mentioned, this web interface is split up in two
parts which makes it a little bit confusing.
Anti-Theft Details
Commands Web
Plays the device’s ringtone
Tries to take a snapshot of a thief. An alarm is played and a popup message
is shown to ensure that the thief is looking at the phone. If the SIM card
has been removed from the phone, Capture-Cam fails even if there is
Internet access via Wi-Fi.
Triggers lock, locate and capture-cam; if the phone is set to a lost state,
the additional actions track, backup, wipe and reset can be used
Tracks the phone for one hour continuously
Backs up contacts, text messages, call logs and media files
Capture Cam
I lost my device
Deletes personal data
Triggers a factory reset of the phone
Commands SMS
Triggers a fairly realistic screaming alarm tone on the phone.
Sends a link with a map showing the location
SIM Change protection
Uninstall protection
Triggers the capture-cam via a text message.
Additional Features
Locks the device if the SIM card is changed, additionally the user is
notified via email
Locks the device if device administrator rights are removed from the app
Capture cam takes automatic screenshots when the wrong login credentials
are provided for the Android or McAfee lock screen.
- 37 -
Mobile Security Review 2016
Tencent WeSecure is an application that primarily focuses on malware protection but also provides
several tools that could prove useful when maintaining a mobile device. These tools include Data
Backup, Phone Accelerator, and Call Filters. The app is completely ad-free and free of charge.
all the Android Internal App Information Pages
for the running apps. From these, the programs
need to be closed one by one. The component
also features sub items for whitelisting and
showing running apps.
On the first start-up of the app, the Terms of
Service and Privacy need to be accepted. After
that no additional configuration is required
and the home screen is shown. The home
screen shows the status of the anti-virus
component in the form of icon and text. All of
the tools provided are listed beneath it.
Call Intercept
This component enables automatic blocking of
fraudulent calls and harassment calls, using
rules applicable to Chinese telephone numbers.
It is not customizable.
It is only possible to scan the installed apps on
the internal and external storage, or to scan all
files on the external drive. The information
shown on the screen during a scan is kept neat
and simple. The status is shown in the form of
icon and text, as on the Home Screen. When
malicious files are found, it is possible to
remove all of them at once. There is no means
of manually updating the signatures, but
automatic updates are performed by default.
Data Backup
The Data Backup component is not included in
the man app and needs to be downloaded
separately from the app store. It allows the
user to back up contacts, messages and call
Tencent WeSecure represents a basic,
lightweight anti-virus application, with a data
backup feature also included. Tencent users
can rely on Android’s built-in anti-theft
Phone Accelerator
This tool accelerates the phone’s performance
simply by allowing the user to close all apps
running in the background. However, the
feature is poorly implemented. It simply opens
- 38 -
Mobile Security Review 2016
Trend Micro
Mobile Security & Antivirus
Trend Micro Total Security is a comprehensive security app which provides malware detection and
several privacy and maintenance tools. The premium version includes a well-designed security concept
with advanced features such as pre-installation detection via VPN, and messenger protection for Line
and WhatsApp.
Security Scan
After installation, terms of use need to be
accepted, and the user has to decide whether
to send anonymous usage reports. The home
screen provides the overall security status, as
well as the status of every component next to
its name. After installation, for example, any
missing permissions are displayed there. By
tapping the Scan Device button on the home
screen, the user can run a check for malware
and privacy risks. The app features scanning for
malware, privacy issues such as Facebook
settings, and app-management and systemtuning tools. Anti-theft, call-blocking and
safe-surfing tools are also implemented. These
components are, in contrast to other functions,
all integrated by default.
A scan can be started either directly from the
home screen of the app, or from the security
scan menu. The app provides a number of scan
options for malware e.g. Real-Time Scan, PreInstallation Scan and a full scan including the
SD card. The user can scan just apps or all files.
There are various settings for updates as well,
such as manual updating, and scheduling a
scan after every update.
When malware is found during a scan, the app
reports it on multiple ways, such as pop-up
notifications and the indicator on the home
screen. To use Pre-Installation Scan, a VPN
connection has to be set up, which will scan
the network traffic and warn for malicious apps
downloaded from the Google Play store. To do
this, the Trend Micro Security Certificate has to
be installed on the phone.
- 39 -
Mobile Security Review 2016
Lost Device Protection
Call Blocking
Lost Device Protection provides the anti-theft
component of the app, which is controlled via
a web interface. The message which is shown
when the device is locked, as well as for wipe
mode (factory reset or only personal data), has
to be set in the app. These decisions cannot be
made from within the web interface. Besides
the obligatory functions such as alarm, find,
wipe and lock, the position of the device can
be shared via Facebook.
The call blocking feature supports blacklisting
or whitelisting and can optionally reject the
call, silence the phone or reject the call and
answer with a customizable text message.
Additional Features
In addition to the standard components of a
security app, Trend Micro provides a System
Tuner which provides battery and memory
optimisations, an app manager that lists
installed applications, and a Facebook scan
which scans one’s privacy settings for
Network Protection
The network protection component provides a
safe surfing component which will warn of
malicious sites while surfing the web, as well
as a Wi-Fi checker which warns of unsecure WiFi connections. The protection level for safe
surfing can be set to low, which will only block
reported fraudulent sites, high, which will
block all sites with any fraudulent or malicious
signs, or normal, which provides a balanced
level of protection that does not block minor
risks. Additionally, to the automatic
whitelisted/blacklisted, and Wi-Fi Hotspots can
be added to a trusted Wi-Fi list.
Trend Micro’s Mobile Security for Android is a
comprehensive app that provides an advanced
security concept. In our test, all the features
worked conveniently and provided a great user
experience. Even though the lost-device
protection was easy to use, text-message
commands would be nice to have.
Messenger Protection
Messenger Protection can scan messages in
Line and WhatsApp, and warns for malicious
links. The protection level for safe-surfing is
automatically applied to Messenger Protection,
which is very convenient.
Parental Controls
Parental Controls provides an app lock and a
website filter to protect children from
inappropriate content. The website filter can
be set to three different profiles (Child, PreTeen and Teen) which will filter content
appropriately for the age group. Blocked sites
can be seen in a log, and it is also possible to
whitelist/blacklist individual sites manually.
- 40 -
Mobile Security Review 2016
Anti-Theft Details
Commands Web
Displayed on a Bing Maps map
Locate / Track
Wipe (factory reset)
Wipe (personal data)
Share Location on
Creates a post with a link
SIM Change Protection
Uninstall Protection
Additional Features
Locks the device if the SIM-card is changed or removed; device is
unlocked automatically if the original SIM is inserted again
Part of the Parental Controls component
The external SD card was not wiped.
The external SD card was not wiped. Browser history and Google
account were not removed. The Trend Micro account was removed,
which makes future commands impossible.
- 41 -
Feature List Android Mobile Security
Product Name
Version Number
Supported Android versions
Supported Program languages
Android OS
Alibaba Ali Money Shield
Antiy AVL for Android
2.2 and higher
2.1 and higher
Avast Mobile Security &
2.2 and higher
Avira Antivirus Security
AVG AntiVirus PRO
Baidu Mobile Guard
2.2 and higher
2.2 and higher
2.2 and higher
English, Czech, French,
Italian, Spanish, German,
English, German, French,
Russian, Portuguese,
Italian, Spanish, Korean,
Catalan, Hungarian,
Japanese, Portuguese
Dutch, Polish, Turkish,
Vietnamese, Chinese,
Japanese, Bulgarian
Bitdefender Mobile
Security & Antivirus
2.3.3 and higher
ESET Mobile Security &
2.3 and higher
McAfee Mobile Security
Tencent WeSecure
2.3 and higher
2.1 and higher
English, Danish, German,
Greek, Spanish, Finnish,
French, Indonesian,
Italian, Japanese, Korean,
Norwegian, Dutch,
Portuguese, Russian,
Swedish, Turkish, Chinese
English, German, Spanish,
French, Italian, Korean,
Dutch, Portuguese,
Chinese, Turkish,
Spanish, English,
Portuguese, Czech,
German, English, Spanish, English, Russian, German, Danish, German, French,
Italian, French, Portugese, French, Spanish, Italian, Chinese, Italian, Japanese,
Chinese, Japanese
Dutch, Norwegian, Polish,
Russian, Suomi, Swedish,
Turkish, Korean
G Data Internet Security
2.1 and higher
Kaspersky Internet
2.3 and higher
English, Polish, Danish,
Finnish, Norwegian,
Japanese, Russian,
German, English, French,
English, Portuguese,
Hungarian, Spanish,
Spanish, Portuguese, English, Russian, German,
French, German, Italian,
German, Portuguese,
French, Spanish, Italian,
Polish, Romanian,
Dutch, French, Romanian, Italian, Dutch, Polish,
Turkish, Swedish, Chinese,
Russian, Turkish,
Spanish, Turkish,
Italian, French, Korean,
Japanese, Chinese
Czech, Hebrew, Slovak,
Vietnamese, Arabic,
Bulgarian, Thai
English, French, Italian,
Spanish, Portuguese,
Romanian, German,
Trend Micro Mobile
Security & Antivirus
2.3 and higher
On-Install scan of Installed apps
On-Demand scan
On-Access scan for files
Scan works offline
Scan is assisted by cloud
Automatic (scheduled) Scan
Scan installed apps for (possible) privacy violations
Safe Browsing (Anti-Phishing & Anti-Malware)
Recommendations for android settings
USSD Blocking
Remote Locate, Alarm, Lock & Wipe
Webinterface for controlling Anti-Theft features
SMS commands for controlling Anti-Theft features
Notify on SIM Change (Email / SMS)
Lock on SIM Change
Remote Unlock
Anti Spam
Whitelist / Blacklist Phonecalls
Whitelist / Blacklist SMS
Whitelist / Blacklist with wildcards
Blocking of SMS containing keywords
Parental Control
Safe Webbrowsing
Lock Apps
App launcher especially for kids (Parents can choose apps)
Uninstallation protection (password required for uninstallation)
Settings protected with password
User Account needed to use product
Additional features
Local Wipe
Network monitor
Task Killer
Battery Monitor
Online Help & FAQ
Email support
User Forum
User Manual
Phone Support
Online Chat
Supported languages of support
English, Chinese
English, Czech, French,
Spanish, Portuguese,
Turkish, Polish, Russian,
German, Chinese, Italian
German, English, French,
Italian, Dutch, Russian,
Spanish, Portuguese,
Chinese, Japanese,
Malaysian, Korean
English, German, Czech,
French, Italian, Dutch,
Polish, Spanish,
Mobile Security Review 2016
Copyright and Disclaimer
This publication is Copyright © 2016 by AV-Comparatives ®. Any use of the results, etc. in whole or in
part, is ONLY permitted after the explicit written agreement of the management board of AVComparatives, prior to any publication. AV-Comparatives and its testers cannot be held liable for any
damage or loss, which might occur as result of, or in connection with, the use of the information
provided in this paper. We take every possible care to ensure the correctness of the basic data, but a
liability for the correctness of the test results cannot be taken by any representative of AVComparatives. We do not give any guarantee of the correctness, completeness, or suitability for a
specific purpose of any of the information/content provided at any given time. No one else involved
in creating, producing or delivering test results shall be liable for any indirect, special or consequential
damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided
by the website, test documents or any related data.
For more information about AV-Comparatives and the testing methodologies, please visit our website.
AV-Comparatives (September 2016)
- 43 -
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF