blog posts

iOS And Android Security Comparison; Is iPhone More Secure Than Android Phones?

Comparing iOS And Android Security Depends On Many Factors, Including Open Source Or Closed, Updates, And Most Importantly, The Type Of User Interaction; But Which One Is The Winner?

Comparing iPhone and Android phones, in general, is considered one of the fascinating topics that will not end no matter how long it continues. In the meantime, even some people may think that comparing iPhone and Android phones is a clear example of the English term “Comparing apples to oranges,” which means comparing two things from the same family but fundamentally different.

Although both platforms are in the family of operating systems, they have a fundamental difference. Each has its strengths and weaknesses and provides capabilities and facilities for users that ultimately have one goal: to create prosperity for doing things.

Therefore, to compare iPhone and Android phones, it is better to focus on one criterion to reduce the possibility of wrong conclusions. Considering this issue, we will compare the safety of iPhone and Android phones.

Often in the discussion of comparing iPhone and Android phones, one of the propositions you have heard is that iPhone is more secure than Android phones. But is this claim valid? What factors have been evaluated to reach this conclusion

Technology and security

Security / Security

As technology advances, cyber attacks have become more sophisticated and dangerous. For example, money transfers can now be done with a few simple touches and using the number on the bank card, and it is no longer necessary to go to an ATM to do this. On the other hand, smartphones have become a tool without which many daily tasks cannot be completed, or at least more time must be spent.

Hence, today’s smartphones contain passwords, bank account information, photos, and other sensitive data that may become available to cybercriminals in the event of a security breach.

Therefore, to prevent attackers from accessing sensitive information and protecting them, it is better to choose the safest possible mobile operating system in the first step. In this way, all the advantages and disadvantages of the existing operating systems, including iOS and Android, should be weighted according to the user’s needs and expectations, so that by knowing their strengths and weaknesses, they can gain knowledge about their safety and the most suitable option. chose

While iOS and Android operating systems have always been the targets of cyber-attacks and malware intrusions over the past years; But there is this question in 2022 AD (1401 solar) iOS operating system is more secure or Android?

The answer to this question depends on many things. For example, in 2016, when the Pegasus spyware was detected and infected iPhones worldwide, Apple had to do everything in its power to inform its users and secure iOS. However, after several years and Apple’s complaint against NSO Group, which it considers responsible for the release of Pegasus spyware, this spyware still exists and is considered a security threat.

On the other hand, Android also has its share of security problems. For example, from 2019 to 2021 AD (1398 to 1400 AD), over one million users have been attacked and infiltrated by hackers through applications infected with malware on Google Play. Additionally, many users are still at risk of being hacked because not all active Android devices receive regular security updates.

With these interpretations, in order to get a logical and fair answer about the comparison of iOS and Android security, we decided to examine Google data and CVE documents for each operating system collected over the past few years. Next, to rank the updates of the operating systems, the security balance was considered to select the most secure smartphone operating system by evaluating the total balance of the final winner. Be careful that the lower the balance, the higher the security.

Comparing iOS and Android security: flaws and technical issues over the past decade

The chart above shows Google Trends data from searches for iOS and Android security flaws and issues over the past decade (the latest versions are iOS 15 and Android 12). Oftentimes, peaks in these charts in search traffic indicate an increase in update issues around the time a new update is released, especially for Apple.

For example, at the peak of the search traffic graph related to iOS defects in September 2013, and iOS 7 was released at the peak of the graph in September 2014, iOS 8 was also released.

But for Android, spikes in the bug search traffic graph are less likely to coincide with the release of new updates. Of course, it could be because the Android user base has fewer issues with the OS; Also, it could be because Android devices are less likely to install the latest update in the first place.

According to the chart, the average search traffic for each operating system in every 100 cases is as follows: the level of search traffic for iOS update defects is equal to 19.7 cases and the traffic for Android update defect searches is equal to 1.16 cases.

Here, each score represents the number of problems that users sought to solve. Thus, the higher this number is, the more defects and software bugs there are. Since the score of 1.16 for Android is lower than iOS, it can be concluded that iOS users faced more technical problems. However, based on this chart, it is not necessarily possible to conclude that Android is more secure than iOS.

The security level of iOS

When experts compare the extreme security of iOS with the security features of Android, they often point to iOS as the more secure operating system. This advantage is due to the fact that viruses designed for the iPhone cannot penetrate the device unless the device is previously jailbroken.

However, when Google Trends data and published vulnerability reports are examined for each update, it can be seen that iOS 5, 7, and 8 have the least number of vulnerabilities, while iOS versions 11, 14, and 15 have the highest number of vulnerabilities.

One of the most important strengths of iOS security is its ability to provide new and regular updates

Of course, this recent increase in update vulnerabilities can be attributed in part to the rise in popularity of the iPhone, which has resulted in more attention from cybercriminals.

It is important to mention that the prepared chart shows the security level of different versions of the iOS operating system at the time of release; Therefore, it is better not to misunderstand this chart and we suggest you update your operating system as soon as possible.

Now, let’s briefly discuss some of the strengths and weaknesses of iOS security.

iOS security strengths

 

Based on the tests done, as shown in the opening chart, iOS 5 was the most secure version at the time of release. This version was presented in 2011 and introduced iCloud to users for the first time. iOS version 5 faced only 3 serious vulnerabilities in the year of its release, which made it known as the most secure version of iOS according to the evaluation.

While all the versions presented were not equally safe; But some of the security strengths of iOS in general include the following:

  • Continuous updates : iOS updates are scheduled regularly and it can be seen that Apple has given special priority to fix security flaws and vulnerabilities.
  • Closed text coding : Apple’s closed text system despite the limitations it creates in the field of freedom for developers and subsequently users; But it is one of the strengths of this company’s operating system. Because, the closed text system makes the process of discovering and identifying security vulnerabilities more difficult for security attackers.
  • Access to Updates : Apple’s update support for iPhones often goes up to 5 years. This means that almost all phones will receive updates for up to 5 years after production, which is great.
  • App Store Security : While, due to the open source nature of Android, anyone can publish applications for Android devices; But Apple has made it possible to install the application only through the App Store in order to better and more accurately examine the applications.
  • Isolated applications : One of the important features of iOS is applications that are separate from each other, so called Sandboxed App. In this case, applications interact without the user’s permission and only in limited cases, and each application has unique resources and files. Therefore, infection of one application will rarely cause infection of other applications.

Further, Allan Buxton , director of one of the divisions of the Secure Data Recovery Services Institute, responded to questions about the comparison of the internal security settings of Android and iOS and said that he believes that Apple’s update policy has many advantages and explained:

Apple phones will receive more and more updates throughout their lifetime. But, in contrast, most Android device manufacturers only guarantee two years of software support and update provision. In between, there are even cases that don’t release an OS update in the second year or delay its release so far into the product lifecycle that the update is available to users with unfixed issues and security flaws.

iOS security weaknesses

 

According to Google’s data and according to the graph of vulnerabilities, iOS 11 is the least secure among the iOS updates and unfortunately received a score of 1.11 according to the evaluation and showed the highest number of vulnerabilities at the time of release; As a result, it receives the title of the most insecure version of the iOS operating system.

In general, some of the biggest iOS security vulnerabilities include:

  • Closed text coding : While Apple’s operating system’s closed text was introduced above as one of the key security points; But on the other hand, this feature can be considered a security weakness. Because such a feature will make it more difficult for users to discover and report vulnerabilities.
  • Serious vulnerabilities : For example, the 15.3 update caused more serious vulnerabilities in some Apple devices compared to previous versions, such as executable code overflow and Memory Corruption security flaws.
  • Smaller user base : According to published statistics, more than 74% of active smartphones around the world have the Android operating system; Therefore, iOS has a smaller user base, which causes it to receive less feedback. Of course, on the one hand, this problem can have advantages, such as being closed-text, and due to the smaller statistical population, it is a smaller target and is not attractive for attackers in terms of efficiency.

Over the years, Apple has always been known as a company that puts safety and security as its top priority. For this reason, even today, iOS does not have many severe weaknesses compared to other operating systems. In the meantime, it is said that there are some exploits and security flaws that neither Android nor iOS are immune from.

Vladimir Shegel, Vice President of Clario Security Institute, says:

The worst type of security problems are those through which the hacker secretly takes full control of the user’s device without interacting with the user (known as zero-click attacks).

For example, in the iOS operating system, we can mention iMessage, Core Graphics and WebKit problems that were exploited by NSO Group customers to load Pegasus spyware on the phones of social activists and journalists.

Therefore, we can see how important it is to prioritize the security of users and optimize the security system of smartphones.

Android security level

Since Android is known as the most popular operating system around the world, this popularity leads to an increased possibility of security problems. In other words, if a hacker is going to design malware to infect devices, he will target a platform that he knows is a bigger target and can more easily spread his malware, giving him a higher chance of success based on the law of probability.

But, on the other hand, the vast base of Android users has created a large community that can provide more security feedback to optimize Android-based devices. Based on the reviews, Android 5, 11 and 12 show the least number of vulnerabilities.

Whereas, Android 7, 8 and 10 have the highest number of vulnerabilities. In the following, we will mention the strengths and weaknesses of Android as an operating system so that we can see whether this platform has the necessary overall security as an operating system or not.

Android security strengths

The fact that Android version 12 (as the last version of Android studied in this article) received the best security score among all previous versions is a valuable achievement. It’s clear that Android developers’ focus on security has paid off.

The most important security strengths of Android are:

  • Open source coding: The open-source nature of the Android platform allows any user to appear as a security expert and discover and report its vulnerabilities.
  • Support for secondary security applications : Android users have access to security applications developed by other companies, or in other words, more third-party applications. Of course, this strength is also due to the open source system of the Android platform.
  • More users, more feedback : As mentioned earlier, more popularity results in more security feedback in less time.

The important point that can be mentioned about the list of Android security strengths is that many people classify Android’s open source as a flaw and mention it in the list of disadvantages; But the security expert, Vladimir Shegel , says about this:

The open source nature of Android coding makes technical problems and defects to be discovered and fixed sooner. But, since the ecosystem favors business, they often push users to buy a new device for more protection.

Especially many manufacturers and sellers of budget Android smartphones, practically do not provide any specific updates for the phones released in the market, or release the update late and only to fix the task.

In other words, it can be said that the higher cost of buying a phone is a kind of cost to receive better after-sales service.

Finally, it cannot be overlooked that the open source system, in addition to countless advantages, also has very basic disadvantages; But the use of these types of systems requires users who are patient and knowledgeable about software updates and perform updates with great care.

Android security weaknesses

The most popular operating system on smartphone devices also has its fair share of security flaws commensurate with its number of active users. In fact, more users attract more attention from hackers and cyber attacks. In the following, we will discuss some of the most important Android security weaknesses.

  • Open source coding : As open source coding allows users to discover and report vulnerabilities, there is an opportunity for any hacker to discover and exploit them and infect the device. In fact, this feature of the Android operating system can act as a double-edged sword.
  • Limited updates : compared to devices equipped with iOS operating system, Android devices are very limited in receiving updates and are only guaranteed to receive updates for up to two years, which is less than half compared to the five-year period of devices equipped with iOS.
  • Different application markets : Although, the existence of different application offering markets increases the growth opportunity for creative users; But on the other hand, it will also create a wide opportunity for abusers, which can lead to the immediate release of malicious applications.

Although Android provides regular updates; But the problem is evident where not all Android smartphones install the latest version of the operating system. According to recent studies, the version that has the most users is Android 10, which was two years old at the time of the study.

Comparing the security of iOS and Android versions until 2022

Now, if we compare all the different versions of the iOS and Android operating systems, we will see that iOS version 5 and 7 and Android version 12 occupy the first to third most secure updates, while the last three ranks are reserved only for iOS, which includes versions 11, They will be 13 and 14.

iOS 5 has a total of only 3 serious vulnerabilities and now Android 12 has a record with a total of 18 vulnerabilities.

Meanwhile, some recent updates have more than 200 registered vulnerabilities. On the other hand, Android 12, which was released with new security features, had a total of only 18 vulnerabilities.

Although the largest number of vulnerabilities are related to Android 10; But most of the registered vulnerabilities were not serious and not particularly sensitive. In fact, the total number of Android 10 vulnerabilities reaches 800. Therefore, in this classification, only the number of vulnerabilities was not a criterion, and their importance was effective in the classification.

In the iOS operating system, version 11 shows the highest number of vulnerabilities. This update has more than 200 vulnerabilities; But according to CVE documents, about 20% of these vulnerabilities are at the critical level, and this makes iOS 11 the most insecure version of this operating system.

iOS and Android security comparison; Which one is more secure in 2022?

In response to this question, according to the statistics and figures that we have reviewed from the beginning of the article, two approaches can be taken, one is to consider the statistical community of all users of each operating system and draw conclusions based on the strengths and weaknesses of each operating system. Another is to compare the latest versions of each operating system so that conclusions can be made based on it.

Therefore, in general and with the first approach and considering all the active users of the two operating systems, which includes several versions of them, and the advantages and disadvantages that were mentioned, the iOS operating system will take over the title of the most secure operating system.

In fact, iOS wins the race because it can deliver continuous updates to devices that provide users with up to 5 years of software support. Although, Android has released secure versions in the last few years; But it cannot provide constant and fast updates because the access to updates appears differently in each brand and company.

Of course, if we want to place only Samsung as a representative of Android in the position of comparison with iPhone phones, it can be said that the competition will be more complicated and difficult and the conclusion will not be so easy. For example, last month, Samsung released a security update for the old J7 phone, which was launched 7 years ago, and just a few days ago, Apple also released a new software update for the iPhone 5S and iPhone 6 to avoid security problems. .

In any case, whether you have an iPhone or an Android phone, you can never be 100% sure that you will not be attacked or hacked. One should only try to take steps according to one’s needs and with full knowledge of the strengths and weaknesses of the operating system used in order to maintain the security of the data and the device.

In the following, we will point out security tips according to the Android and iOS operating systems, so that you can keep your data safe by using them.

iPhone is easier to hack or Android phone?

Comparison of iOS and Android security

The probability that a phone will be hacked regardless of its operating system largely depends on how the user uses it and is exposed to social engineering. The important issue is that eventually both operating systems are hacked.

iOS security has always been more focused on software protection and sandboxing alongside hardware security capabilities; While Android has focused on the use of hardware. For example, the Google Pixel 3 is equipped with the Titan M chip, and Samsung’s phones benefit from the KNOX chip to cryptographically isolate data in times of danger. The Titan M chip disables the phone if the wrong passcode is entered three times.

iOS security tips in 2022

Although Apple is very cautious in maintaining the security of iOS; Sometimes the developer’s efforts are not enough and users should also protect their data by following some security tips.

  • Use an Ad Blocker : One of the most common sources of malware is ads that automatically load pages outside of security rules. Of course, you can reduce the need for these plugins by choosing well-known and reliable websites when browsing the web; But the work does not suffer from hard work.
  • Use complex and strong passwords : Using a 4-digit password is by no means a good guarantee for data protection; Therefore, use at least a 6-digit password or more.
  • Control location tracking : Certainly, many applications will ask the user for permission to access the location at the beginning of the launch; But the majority of users approve the access permission regardless of the sensitivity of this issue.
    The suggestion of security experts is to give location access only to valid applications, and only by setting the “While Using” option, you can be somewhat cautious. On the other hand, if an app you don’t trust asks for permission, it’s best to grant access only once. This option will cause the application to obtain your location every time it tries to access the location.
  • Using a reliable IP change tool : using a non-free virtual private network is another way to keep your IP address and personal data secure on the Internet.
  • Enable two-step verification : Enable this feature in any app that supports it to apply an extra layer of security to your data, even if your password is leaked.

Android security tips in 2022

The level of data security in Android phones is directly related to the brand of the phone manufacturer and is not the same in all phones with the Android operating system.

Of course, this issue can also be seen from another aspect, that infiltrating a brand does not necessarily include other brands; But in iPhone, due to its integrity, breaking into one phone can lead to breaking into other phones. However, there are still measures that the user can take to increase security.

  • Browsing in Safe Browsing Mode : For data security on Android, be sure to use the Chrome browser and enable Enhanced Protection in the Safe Browsing settings to warn you if you encounter infected or suspicious websites.
  • Control app permissions : All apps ask for permission confirmation during installation. For example, the permission to access the camera, audience, location, etc., remember to pay attention to them and if you think it is not justified that an application for photo editing, for example, has access to the microphone, suspect it.
    Additionally, you can check your phone’s privacy settings from time to time to make sure that no app has been given unreasonable access.
  • Always update : It doesn’t matter how secure a version of the operating system was at the time of release. As time passes, it becomes more dangerous to use an old version of the operating system. Apart from this, the lifetime of the update release in Android is short, use every moment of it.
  • Activate the screen lock : some users use their phone without a lock or others try to secure the phone by selecting easy passwords such as four repeated digits; But they don’t know that the presence or absence of such codes makes no difference. Therefore, try to choose a password of at least 6 digits.

Conclusion

The competition between iPhone and Android phones is one of the hot debates among technology fans, which some people believe may never be finished; However, this is due to the constant advancement of technology and its dynamics. However, it has always been said that iOS is more secure than Android, and the reason for this, in addition to the release of regular updates over a longer period of time, is also due to the integrity of the design and production of software and hardware by the same company.

Now, what is your opinion, users, about the comparison of iPhone and Android phone security?