Here’s Why Android is Now Harder to Crack than iOS

Mobile devices have become a popular target for hackers in recent years because of its rising popularity and the increase in internet usage for mobile devices. As more and more people use their smartphones for various transactions, such as online banking, checking emails, sending out messages, posting on social media, and sharing files, mobile devices have become a trove of information that cybercriminals would be most interested in.

This is why mobile manufacturers are also stepping up their efforts in improving their devices’ mobile security. Aside from third-party apps that can be downloaded to protect smartphones from hacking, spying, malware infection, and all sorts of threats, manufacturers are also incorporating security measures on the OS level. This means that the mobile operating system itself is equipped with several layers of protection.

Although these security measures help a lot in fending off attacks, it does not mean that all manufacturers are effective in doing so. Keep in mind that not all mobile devices are created equal. There are two main categories of mobile phones today, namely Android and iOS, but Android devices are further divided into various categories and manufacturers. They can also be further categorized in low-range, mid-range, and high-range devices.

Recently, the differences between mobile devices was further highlighted in a recent experiment conducted by forensic experts.

Mobile Security: Android vs iOS Devices

In the mobile world, Apple’s iOS operating system is usually considered more secure compared to other operating systems. Why is this so? It is because Apple’s operating system, the iOS, is a closed system. This means that the company doesn’t reveal its source code to mobile developers, and iPhone and iPad owners can’t modify the code on their devices themselves. This system makes it more challenging for hackers to exploit vulnerabilities on iOS-powered devices.

Android devices, on the other hand, are the opposite. They rely on an open-source code, which allows the owners of these phones to tinker with their devices’ operating systems. Too much tweaking could end up creating a weakness in their devices’ security.On the side of the manufacturers, it is possible for new devices to be created with modifications to the Android operating system, introducing a vulnerability in the code that hackers can take advantage of.

Android was the main target by hackers before because this operating system runs on so many mobile devices today. The widespread popularity of the Android operating system paints it as a more attractive target for cybercriminals. Because of this, Android devices are more at risk of the threats that these criminals distribute.

But this doesn’t tell the entire story. While iOS may be considered more secure, it’s not impossible for cybercriminals to hit iPhones or iPads. The owners of both Android and iOS devices need to be aware of possible malware and viruses, and be careful when downloading apps from third-party app stores. It’s safest to download apps from trusted sources, such as Google Play and the Apple App Store, which vet the apps they sell.

Then there are the social engineering attacks in which cybercriminals attempt to trick users into giving up log-in information, access to bank accounts, and other personal data. It doesn’t matter what mobile operating system you are using: both iOS and Android can be equally vulnerable to these types of phishing attacks.

Android devices have various security features to protect it from tampering. Aside from the regular PIN code, password, and pattern unlocking methods, Android devices are now also equipped with fingerprinting, facial recognition, and other newer options for unlocking the device.

On devices with a fingerprint sensor, users can enroll one or more fingerprints and use those fingerprints to unlock the device and perform other tasks. The Gatekeeper subsystem performs device pattern/password authentication in a Trusted Execution Environment (TEE). Android 9 and higher includes Protected Confirmation, which gives users a way to formally confirm critical transactions, such as payments.

Devices running Android 9 and above also include a BiometricPrompt API that app developers can use to integrate biometric authentication into their apps in a device- and modality-agnostic fashion. Only strong biometrics can integrate with BiometricPrompt.

iOS devices, on the other hand, are also equipped with various unlocking options, including PIN code, custom PIN code, password, fingerprint, and facial recognition. It is also equipped with several security features, such as auto-lock, Find My iPhone, security autofill, two-factor authentication, and password reuse auditing. Apple devices have encryption features to safeguard user data and enable remote wipe in the case of device theft or loss.

Android Is Now Harder to Crack Than iOS

However, a recent investigation showed that a company that’s usually hired to hack smartphones by the government could break into Apple iPhones, even the newer ones. They had much less success with Android phones though.

For law enforcement, iOS and Android encryption is a matter of huge concern. Smartphone data can reveal a lot about suspected terrorists, criminals and those being investigated for rather dangerous crimes like mass shootings etc.

If investigations into these devices are conducted carefully, the data can be used in court as evidence.

This whole issue of encrypted devices has been in the news for a while. It was first dragged up when the FBI asked Apple to unlock the iPhone belonging to the San Bernardino shooter. Apple had refused on the grounds that if they gave into the FBI’s requests and unlocked one phone, they could be pulled up any time by any other authority to unlock devices for them. The existence of a backdoor is detrimental to the security of the device.

The issue of encrypted phones and unlocking requests came up again in December last year when a Naval base in Pensacola, Florida was attacked by a gunman. The suspected shooter had two iPhones both of which were locked. Apple was asked once more to unlock the devices.

Critics have argued that the government having easy access to your private data pretty much defeats the purpose of the existence of encrypted data in the first place. However, authorities have allegedly found a way around this through apps, but that remains to be seen.

The case in question where an app could make it possible for the FBI to unlock a device without taking help from the smartphone maker pertained to Apple iPhones. But, forensic investigators are of the opinion that when it comes to Android encryption, the job is getting tougher by the day.

Vice’s investigation showed that Cellebrite, one of the most prominent companies that government agencies hire to crack smartphones, has a cracking tool that can” break into any iPhone made up to and including the iPhone X”. Cellebrite pulls out data such as GPS records, messages, call logs, contacts, and even data from specific apps such as Instagram, Twitter, LinkedIn, etc all of which can be incredibly helpful in prosecuting criminals.

However, Cellebrite is much less successful with Android encryption on prominent handsets. For example, the tool could not extract any social media, internet browsing, or GPS data from devices such as the Google Pixel 2 and Samsung Galaxy S9. In the case of the Huawei P20 Pro, the cracking software literally got nothing, reports Vice.

Why Android Is Harder to Crack Than iPhones

There are several reasons why Android seems more secure than iOS devices nowadays. Here are the factors that contributed to the security success of Android devices:

Open-source platform.

Compared to iOS’ secrecy, Android is open-source, which means developers can work together to improve the software and make it more hack-proof. And with several developers working on various improvements of the operating software, it can be expected that different versions of the mobile OS will emerge. iOS, on the other hand, is limited by the restrictions imposed by Apple. iOS developers cannot be as creative as those of Android developers.

Multiple variations.

The iPhone can generally be considered as one device, while Android has many variations. As a single device, it becomes much easier to attempt a crack compared to those with multiple variations. There are so many Android devices that aren’t as popular as the iPhone. It has so many variations that targeting any one Android device is very difficult.

OEM-level security.

Each Android OEM applies their own security layer on top of the base AOSP operating system. Google does it for Pixel (Titan), Samsung does it for Galaxy and Note devices (Knox), etc.

How to Protect Your Mobile Device

What this investigation shows is that mobile devices are susceptible to hacking and other threats. If it can be used for investigation, then there will be no problem. However, if cybercriminals use this software or something similar to it to crack your device, your personal data will be compromised.

To protect your security, you should implement security measures of your own to prevent your device being hacked and your data from being leaked out. Aside from installing a third-party mobile security app, here are other tips and tricks to ensure the security of your mobile device:

● Use strong passwords and never divulge them to anyone.
● Whether you’re using an Android or an iOS device, make sure to maximize the built-in security features of your smartphone.
Use a VPN if possible. Most modern mobile devices are now equipped with a VPN feature or an encryption technology.
● Keep your device protected. Don’t leave it lying or stored in a place where people can easily steal it.
Author Bio
As a Journalist by profession, April Reyes has extensive experience in writing about various topics under the sun, including technology, gadgets, travel, social media, and digital marketing. If she’s not writing articles for Software Tested, she’s either watching her favorite TV series or playing video games.

Leave a Reply

Your email address will not be published.