This post about android security intends to give the Android users as holistic view of the phone security.
Apps: since android is an open platform and anyone can write apps and publish it in Google apps, the apps itself can contain malicious which may steal data and sensitive tips from your phone. So, when installing any app, try to check if the app has any security issues. A simple Google search may give you useful information about a particular app. to keep your android phone secure, make sure that apps you are already using has no major security concern and try to update your apps or apply the security patches to keep phone secure.
Mobile ads: while you are using an app, your app may show you ads. Android allows developer to show ads from their ad inventory in order to monetize the apps. By clicking ads in the app, the visitors visit the advertiser’s site, which may secretly install a Trojan or any backdoors to your phone. Avoid clicking ads unnecessarily.
Android OS: android phone used Linux kernel and android library, which may have vulnerability. Since it is impossible to discover all the major security flaws before the release of the new version. Always make sure that your android updated to its latest release. You will find an automatic update option in “about the phone” under your phone setting option.
App Impersonation: each android app comes with its own digital signature that identifies that app with the vendor. If a hacker make an app with a fake ID and find a way to bypass the process of Android checking the ID with the actual vendor, he can have access to your sensitive data. When downloading any financial app, verify the identity of the vendor. For example if your bank website has a link to Google play store for download their apps in your mobile use it. Avoid try to search your bank’s app in Google Play because you may mistakenly get an impersonated app with fake ID of your bank.
Permission: most of the android users do not pay much attention to the permission required by the app. Some apps ask more permission than they need to perform their task. For example, a flashlight app should not need to ask for permission to users’ SMS and phone number. It is the users’ responsibility to check if an app is asking for access to the sensitive data. For a popular open-source platform like Android and Google play, it is virtually impossible to check the extent of permission required for each app designed for performing certain task. READ the permission statement carefully before the installation.
WIFI: though WIFI is not related to Android security issues, but related to phone security. Users should avoid connecting their phone with public WIFI network because it is difficult to know if any attacker has already compromised the network.
Android users need to understand and develop security awareness among them in order keep their devices secured. One thing we need to remember than we a product reach a majority of the market share for its segment, the product is bound to attract attack attention of the hacker as it happened with Windows for their PC market share.