Introduction
In this report, we aim to help readers evaluate both the built-in security measures of Android and various third-party mobile security apps. Our report covers results from malware protection and battery consumption tests, along with reviews assessing the functionality, design, and overall usability of each security app. While some of the tested apps may offer additional features such as an app manager, network monitor, or system optimizer, our primary focus is on security aspects, including anti-malware, anti-theft, web protection, and privacy protection.
Mobile security products are designed primarily to safeguard mobile users and their devices from threats such as malicious apps, phishing URLs, fraudulent emails, and other harmful links. In 2021, we also evaluated how well some security apps for Android protect against stalkerware. This type of software operates covertly, enabling unauthorized individuals to spy on device owners without their knowledge or consent. While the lines between stalkerware and legitimate software, such as parental controls, can sometimes be blurred, Google Play has implemented stricter policies in recent years to combat this issue. Consequently, stalkerware is typically installed through sideloading since it is not available on Google Play.
Google Play regularly updates its policies to maintain a high standard of security and user trust. App developers must verify their identity, digitally sign their apps, meet minimum API level requirements, disclose how they handle user data, and ensure that any third-party SDKs used do not sell personal or sensitive user information. Additionally, all apps undergo multiple review processes, including privacy checks by Google, before being approved and listed on Google Play.
As Android’s built-in security features continue to evolve, it remains essential to ensure that third-party solutions provide effective malware protection. Given the prevalence of rogue antivirus apps offering inadequate security, independent testing and certification are more important than ever. We appreciate the vendors who participated in our tests and achieved certification, highlighting their dedication to maintaining high standards of mobile security. Our comprehensive certification process affirms the effectiveness and reliability of these products. Some manufacturers might prioritize other platforms or operating systems, believing Google’s security features for Android (e.g., Play Protect, Find My Device) provide sufficient protection. However, we encourage continued vigilance and innovation in mobile security solutions.
Another advantage of continuous and independent testing is that it assists security vendors in quality assurance. During this year’s testing, we discovered a bug in Play Protect that occasionally caused cloud requests to fail, preventing Play Protect from blocking the installation of some malicious apps. Our testing helped Google narrow down the cause of the faulty behaviour.
Since the introduction of the runtime permission model in Android 6.0 (Marshmallow), Google has continuously enhanced Android’s privacy and security architecture. With each version, new features have been introduced to give Android users more control over their devices and the data accessed by third-party apps.
At the core of Android’s security system is Google Play Protect, a built-in malware scanner that checks apps during installation from Google Play or third-party sources and regularly scans the device for potential threats. With real-time code-level scanning, it prompts users to scan apps it has not seen before. Additionally, it includes live threat detection powered by on-device AI to identify suspicious app behaviour without compromising user privacy.
The Safe Browsing API protects users against malware and phishing links while browsing in Google Chrome. Google’s Find My Device offers anti-theft functions to lock, locate, alarm, or wipe lost or stolen phones. With Android 15, advanced theft-protection features such as “Theft Detection Lock” and “Offline Device Lock” were added and existing functionalities such as “Remote Lock” and “Factory Reset” were improved, making it harder for thieves to gain device access, change sensitive settings, or reset the device. Android includes several app auditing features that let users review and adjust privacy settings, such as permissions and notifications, and monitor app activity, such as mobile data usage, battery use, and storage space.
Android 15 introduces a wide range of new privacy and security features. “Private Space” hides sensitive apps (e.g., social, banking, health) behind extra authentication, while “Identity Check” adds biometric verification for critical device settings such as Google account, changing the device PIN, or disabling theft protection. One-time passcodes are redacted from notifications and during screen sharing, which now includes a clear indicator, partial sharing, and auto-hiding of sensitive data. Sideloaded apps face expanded restrictions on accessing special permissions and roles such as accessibility, listening to notifications, displaying over other apps, usage access, and acting as default dialer/SMS app or device admin. Android 15 also limits app behaviour after startup and background app activity, blocks WEP Wi-Fi connections, and alerts users when connecting to insecure networks or IMSI catchers. Additionally, apps targeting API levels below 24 can no longer be installed.
Limitations and the Role of Third-Party Security Apps
With each new feature and behaviour change, Android may impose tighter restrictions on third-party security apps, limiting their ability to control the device, monitor activity, or access sensitive user data. As a result, some security vendors have removed certain features from their apps, e.g., remote wipe of devices running Android 14 or higher. However, the availability of Google’s security features and third-party mobile security apps can vary depending on the device model, Android version, or regional restrictions. For example, in mainland China and on devices running modified Android-based systems, such as HarmonyOS, FireOS, or LineageOS, Google apps and services, including Play Protect, are typically unavailable thus lacking built-in malware protection.
In regions such as the United States and Europe, the mobile app market is largely dominated by two official app stores: Google Play and Apple App Store. The risk of inadvertently downloading and installing malware from Google Play is relatively low, as the app store is regularly checked for fraudulent and dangerous apps. In contrast, many Asian countries like China face a significantly higher risk of malware infections due to the widespread use of third-party app stores and the prevalence of rooted devices. There exist approximately 1.87 billion active mobile devices in China, with around 78% running Android (https://gs.statcounter.com/os-market-share/mobile/china).
The ring chart below highlights the most used Chinese Android app stores. Notably, Google Play is used by almost no one (0.1%). This is largely due to a U.S. Executive Order signed in November 2020, which prohibits American companies from doing business with blacklisted Chinese telecommunication firms (https://ofac.treasury.gov/media/49616/download). As a result, Google apps and services, including Play Protect, are no longer available on newer device models from affected Chinese manufacturers.
For users without access to Android’s built-in security features, there is a very strong argument for using a third-party security app. Even users with full access to Google’s protections may benefit from the additional layers of defence these apps offer. Unlike Play Protect, which primarily focuses on scanning installed apps, third-party security solutions often provide more comprehensive coverage by also scanning files, folders, and device storage. This proactive approach helps identify and mitigate malicious apps before they are installed or executed. It is important to note that third-party security apps for Android supplement, rather than replace, Android’s native security features.
Smartphones are now commonly used as popular PC substitutes for a variety of daily tasks including online shopping, banking, instant messaging, video conferencing, and emailing. However, with the increasing sophistication of cyberattacks, mobile devices are becoming a prime target, particularly through fraudulent apps and phishing websites that aim to steal user data or money. These malicious apps often disguise themselves as fake versions of popular apps that have been downloaded by millions of users from Google Play.
To minimize the risk of falling victim to these threats, we recommend the following:
- Download apps only from official app stores like Google Play or reputable app makers and avoid third-party stores and side-loading.
- Check app reviews before installation and avoid those with predominantly negative or suspicious feedback.
- Be wary of opening links that you receive via e.g., text messages, emails, instant messenger chats, or social media, and block/delete unknown senders or spam.
- Pay attention when granting apps permissions or excessive access rights and question unnecessary requests.
- Keep your Android and third-party apps up to date with the latest patches.
- Use a certified antivirus app to provide an additional layer of protection.
A list of antivirus apps for Android can be seen here: https://www.av-comparatives.org/list-of-mobile-security-vendors-android/
- Regularly back up your data using common backup solutions.
- Regularly evaluate the legitimacy, usefulness, and data handling practices of apps, whether online or on Google Play.
- Do not root your smartphone, mitigating the risk of malware infection and keeping the warranty.
- Disable unused settings and device sharing functions that could be potential attack vectors such as Bluetooth, NFC, or Wi-Fi calls.
- Use a VPN to secure your Internet connection, especially on public Wi-Fi networks.
How high is the risk of malware infection with an Android mobile phone?
The risk of malware on Android phones depends on multiple factors and cannot be answered simply. However, sticking to official app stores like Google Play lowers the infection risk. In Asian countries with many third-party app stores, the likelihood of harmful downloads is higher. Nevertheless, it is important to note that “low risk” does not mean ”no risk” as the threat landscape can change quickly. To be prepared, installing an appropriate security app on your smartphone is recommended. Currently, in western countries, protecting against data loss and identity theft from bad actors is more critical than malware protection.
In this section, we provide a concise overview of key security components commonly found in mobile security products for Android. At the beginning of each product review, you will find a set of symbols to indicate whether a feature is supported (orange) or not supported (grey). Please note that all symbols apply specifically to Android 15.
 |
The primary component is the Malware Scanner or Anti-Malware which safeguards users from unintentionally installing malicious apps on their device. Similar to antivirus programs for Windows, mobile security apps for Android incorporate other protection features: The Real-time Protection actively scans newly installed and/or downloaded apps for any malicious behaviour. The On-demand Scanner examines the device for already installed malicious apps or malicious app installers on the internal storage and/or SD card. Keeping malware definitions up to date is a critical factor in effective protection, especially for apps that primarily rely on them for detecting malware. Certain tested products offer a cloud-assisted malware scanner to ensure access to the very latest definitions. Definition updates are either retrieved automatically by the app at specified time intervals or triggered manually by the user.
|
 |
The Anti-Theft component is designed to remotely control a lost or stolen device. Android already includes core anti-theft features such as device lock, locate, and alarm. The tested security products extend this functionality with features such as location tracking, taking pictures of the thief using the device’s cameras, or triggering actions in response to suspicious device activities (e.g., locking the device when the SIM card is changed or trying to uninstall the security app, capturing pictures after multiple failed unlock attempts). This component is typically managed via a web interface.
|
 |
Web Protection prevents users from unintentionally downloading malicious apps or accessing phishing websites while browsing the Internet. Most of the tested products offer web protection for at least Google Chrome, the most popular browser on Android. Additionally, some apps support various third-party browsers to accommodate the user’s choice for their preferred mobile browser.
|
 |
App Lock is another useful security feature, enabling users to safeguard selected apps from unauthorized access. Users can set up a locking mechanism, such as PIN, password, pattern, or biometrics (e.g., fingerprint or face recognition on supported devices), which is required to launch a protected app. Furthermore, they might be able to customize the app locking behaviour, such as unlocking when connected to a trusted Wi-Fi or locking based on location or time schedule.
|
|
A privacy advisor or app audit feature is also included in most of the tested products, which typically scans the installed apps for possible privacy violations. This analysis examines app permissions that are uncommon, unnecessary, or inappropriate, as they may pose a risk to the user’s privacy. Based on this result, some security apps advise uninstalling “risky” apps.
|
Tested Products
We have reviewed and tested the following products for this report. We congratulate the third-party security vendors, who have demonstrated that their solutions are effective and reputable, and helped to raise the standard for all mobile security solutions. The latest products were taken from Google Play at time of testing (May 2025). After the test, manufacturers had the opportunity to fix any flaws we discovered. Any bugs or issues discovered during the review that we consider critical must be fixed, and an updated app version must be published on Google Play within three weeks of reporting the issue. Any problems that have already been solved are noted in the reviews. The versions listed below apply to the updated product reviews.
For this report, we used Android 15 which is currently the most recent Android version. We used the unmodified version of Android 15 to avoid potential issues caused by modifications from hardware manufacturers or mobile carriers.
| Vendor |
Features |
| Avast |
   |
| AVG |
|
| Avira |
 |
| Bitdefender |
 |
| ESET |
|
| G Data |
|
| Google |
|
| Kaspersky |
|
| Norton |
|
| Securion |
|
Avast, AVG, Avira, and Norton are products of Gen Digital and use the Avast engine. G DATA uses the Ikarus engine.
For each product’s anti-theft component (see “Key Features in Android Mobile Security Apps”), we provide brief comments on each function and use the following symbols to indicate its performance in our tests:
 |  |  |
| no issues | minor issue(s) | major issue(s) |
Both ESET and Google had a bug in their respective products at the time of testing, which led to an increased number of missed detections. The vendors have informed us that these bugs have since been fixed in updated versions of their apps. ESET was still able to meet the certification criteria despite the issue. Google, however, narrowly missed the certification threshold due to the elevated number of misses caused by the bug.
Test Procedure
The malware used in the test was collected by us in the few weeks before the test. We used 3,322 malicious applications, to create a representative test set. Apps with the same certificates and/or the same internal code were removed, in order to have a test set of genuinely unique samples. The security products were updated and tested on May 6, 2025. The test was conducted with an active Internet connection on genuine Android smartphones (no emulators were used). The test set consisted exclusively of APK files. If available, an on-demand scan was conducted first. After this, every undetected app was installed and launched. We did this to allow the products to detect the malware using real-time protection. A false-positives test was also carried out using 500 clean apps. The results can be seen below (sorted by Malware Protection and number of False Positives; products with identical scores are sorted alphabetically).
Test Results
| Mobile Protection Rates |
| |
Protection Rate |
False Positives |
| Bitdefender |
100% |
0 |
| Avast, AVG, Avira, Norton |
99.9% |
0 |
| Kaspersky |
99.8% |
0 |
| ESET |
99.6%[1] |
0 |
| Securion |
99.5% |
7 |
| G DATA |
99.5% |
10 |
| Google |
98.8%[1] |
10[2] |
[1] A product bug caused a slightly increased number of misses.
[2] Mostly detected as privacy risk.
Battery Drain Test Results
As with our previous investigations, we measured the additional power consumption caused by each of the mobile security products. Testing the battery usage of a device might appear to be very straightforward at first glance. If one goes into more detail, the difficulties become apparent. Particularly with mobile phones, the usage patterns of different users are very varied.
Some use the multimedia functions extensively, others view a lot of documents, while some use only the telephone functions. We need to differentiate between power users who take advantage of all the possible functions in the device and traditional users who merely make and receive phone calls.
The test determined the effect of the mobile security app on battery use for the average user. The following daily usage scenario was simulated:
- 67 minutes using social media apps (such as YouTube)
- 40 minutes telephony
- 35 minutes surfing the Internet using the Google Chrome browser
- 22 minutes looking at photos
- 13 minutes watching videos saved on the phone itself
- 2 minutes sending and receiving mails using the Google Mail client
- 1 minute opening locally saved documents
In our test, we found that all the tested mobile security products had only a minor influence on battery life, as outlined in the table below. In general, we were able to give the tested mobile security apps high marks regarding power usage.
| Battery Drain Results |
| Avast |
 |
| AVG |
|
| Avira |
|
| Bitdefender |
|
| ESET |
|
| G Data |
|
| Google |
|
| Kaspersky |
|
| Norton |
|
| Securion |
|
|
up to 3% |
 |
3 to 8% |
 |
8 to 15% |
 |
15 to 25% |
 |
> 25% |
Product Reviews
Avast
Mobile Security Free
25.8.1
Introduction
Avast Mobile Security Free is an ad-supported security product which includes a variety of security-and privacy-oriented features. These include anti-malware, safe browsing, app audit, Wi-Fi security, data leak checker, and photo vault. Avast asked us to test and review the free version of their product. Please note that Avast owns AVG, and the respective Android apps appear to be identical in functionality. There are some minor differences in the user interface, however.
Usage
Upon starting the app, users must accept Avast’s Agreement and Privacy Policy. A brief overview of the core features is presented, after which users are prompted to grant notification permission and select a paid license. The app then initiates an initial scan, which requires users to grant access to all files. When continuing with the free and ad-supported version, the Consent Policy for custom ads must be accepted. All the features are accessible via the bottom navigation menu.
Anti-Malware
After the initial scan, the app suggests fixing potential security issues, such as enabling the web protection and setting up a lock screen. Users can choose between a deep scan, which checks the entire storage and device settings, and a file scan, which allows scanning of selected files or folders.
Web & Wi-Fi Protection
Web Shield protects against malicious URLs and phishing websites across different browser apps. The Wi-Fi scan detects vulnerabilities on the currently connected Wi-Fi network.
App Audit
App Insights displays the permissions required by each app, enabling users to manage app permissions or uninstall apps directly. Apps are also grouped by the permissions they request and labelled with risk levels “low”, “average”, or “high”, based on their access requirements.
Privacy Protection
Hack Alerts notifies users if any accounts associated with their email addresses have been involved in a data breach.
Additional Features
Photo Vault allows users to securely store up to ten photos, which can only be accessed after entering the user-defined PIN. Wi-Fi Speed Test measures the Wi-Fi connection’s speed. My Statistics provides a summary of security-related actions taken by Avast on the device, e.g., number of threats prevented. The Privacy Advisor offers guides on how to keep personal data more secure in a variety of apps.
Conclusion
Avast Mobile Security Free is a well-designed anti-malware app offering a range of security features, albeit with some limitations. It also includes optimization and privacy-enhancing tools. The app provides a step-by-step guide to setup each feature.
AVG
AntiVirus Free
25.8.1
Introduction
AVG AntiVirus Free is an ad-supported security product which includes a variety of security- and privacy-oriented features. These include anti-malware, safe browsing, app audit, Wi-Fi security, data leak checker, and photo vault. AVG asked us to test and review the free version of their product. Please note that Avast owns AVG, and the respective Android apps appear to be identical in functionality. There are some minor differences in the user interface, however.
Usage
Upon starting the app, users must accept AVG’s Agreement and Privacy Policy. A brief overview of the core features is presented, after which users are prompted to grant notification permission and select a paid license. The app then initiates an initial scan, which requires users to grant access to all files. When continuing with the free and ad-supported version, the Consent Policy for custom ads must be accepted. All the features are accessible via the bottom navigation menu
Anti-Malware
After the initial scan, the app suggests fixing potential security issues, such as enabling the web protection and setting up a lock screen. Users can choose between a deep scan, which checks the entire storage and device settings, and a file scan, which allows scanning of selected files or folders.
Web & Wi-Fi Protection
Web Shield protects against malicious URLs and phishing websites across different browser apps. The Wi-Fi scan detects vulnerabilities on the currently connected Wi-Fi network.
App Audit
App Insights displays the permissions required by each app, enabling users to manage app permissions or uninstall apps directly. Apps are also grouped by the permissions they request and labelled with risk levels “low”, “average”, or “high”, based on their access requirements.
Privacy Protection
Hack Alerts notifies users if any accounts associated with their email addresses have been involved in a data breach.
Additional Features
Photo Vault allows users to securely store up to ten photos, which can only be accessed after entering the user-defined PIN. Wi-Fi Speed Test measures the Wi-Fi connection’s speed. My Statistics provides a summary of security-related actions taken by Avast on the device, e.g., number of threats prevented. The Privacy Advisor offers guides on how to keep personal data more secure in a variety of apps.
Conclusion
AVG AntiVirus Free is a well-designed anti-malware app, offering a range of security features, albeit with some limitations. It also includes optimization and privacy-enhancing tools. The app provides a step-by-step guide to setup each feature.
Avira
Free Security
7.28.0
Introduction
Avira Free Security is a free security product for Android, offering various security- and privacy-oriented features. These include anti-malware, app lock, app audit, data-limited VPN, data leak checker, and call blocker.
Usage
When launching the app for the first time, users must grant notification permission, accept the EULA, Terms and Conditions, and Privacy Policy, and have the option to opt out of additional data processing. All features are organised into categories and easily accessible via the bottom navigation bar.
Anti-Malware
Following the initial scan, the app suggests resolving potential security issues, such as enabling identity protection. The smart scan can be customized to detect PUA, run when a storage device is connected, and operate on a user-defined schedule.
App Lock & Audit
The App Lock feature allows users to secure selected apps using a PIN, pattern, or fingerprint. Lock behaviour can be configured (e.g., locking immediately, after a set time, when screen turns off, or new apps) and a fake crash message can also be shown when a locked app is accessed. The Permissions Manager lists all installed apps grouped by the permissions they require.
Privacy Protection
The Identity Safeguard checks whether any accounts related to an email address have been compromised in a data breach. Unwanted or nuisance calls can be blocked using the Call Blocker.
Additional Features
The free app version includes a VPN with a 100MB daily limit. The Junk Cleaner identifies large files and gives users the option to delete them to free up storage.
Conclusion
Avira Free Security is a straightforward anti-malware app that provides access to a variety of security features, albeit with some limitations. It also includes basic optimization and privacy-enhancing tools.
Bitdefender
Mobile Security
3.3.267
Introduction
Bitdefender Mobile Security is a paid-for security solution for Android. The app includes additional security features such as anti-theft, safe browsing, app lock, data leak checker, scam protection (including SMS, instant messages), and a basic VPN service. Device activity can be controlled and monitored remotely via the Bitdefender Central app or web interface at central.bitdefender.com.
Usage
Upon opening the app for the first time, users must agree to Bitdefender’s subscription agreement, and either log in with an existing account or create a new one with a 14-day trial period. Users are then asked to grant notification permission and guided through the configuration of the necessary features, such as Malware Scanner and Web Protection. All functions are accessible via the bottom navigation menu.
Anti-Malware
The first full scan of apps and files can be performed during setup. After that, users are prompted to activate additional security features. The App Anomaly Detection setting monitors apps for malicious behaviour in real-time. Apps downloaded from non-official stores are scanned before installation.
Anti-Theft
Anti-theft components are listed in the table below. Users are asked to set up a device lock and an app-specific PIN to protect the anti-theft and app-lock settings. The remote commands Locate, Lock, and Scream can be sent to all connected devices from either the Bitdefender Central app or web interface. The Snap Photo feature takes a photo with the front camera, stores it on the device, and uploads it to Bitdefender Central if an incorrect PIN has been entered three times in a row.
During our testing, anti-theft commands sent from Bitdefender Central failed to execute and the Wipe command was still available although it is not supported on Android 14 or higher. However, after we reported this issue to Bitdefender, it was promptly resolved.
Web & Wi-Fi Protection
The Web Protection feature blocks malicious URLs and phishing websites in various browser apps and displays a notification upon visiting banking pages. The app also includes a VPN service, providing up to 200 MB of data traffic per day while connected to an automatically chosen server. By default, the app warns users each time the device connects to an open Wi-Fi network and recommends activating the VPN.
App Lock
The App Lock feature limits access to chosen apps by requiring a predefined PIN or biometrics (e.g., fingerprint, face recognition). Users can customize the lock behaviour and keep apps unlocked while connected to trusted Wi-Fi networks. The Random Keyboard setting shuffles the number position on the keyboard each time the lock screen appears. While Snap Photo is enabled, the front camera automatically captures a photo after three failed unlock attempts.
Privacy Protection
Account Privacy enables users to check if an email address has been involved in known data breaches. Additional email accounts must be verified before being monitored. Scam Alert monitors incoming text messages and app notifications for potential scam or spam links. If Chat Protection is turned on, this functionality is extended to messages received in supported instant-messaging apps.
Conclusion
Bitdefender Mobile Security integrates a wide range of tools to monitor and protect device security and user privacy, all within a clean and intuitive user interface.
ESET
Mobile Security Premium
11.0.13
Introduction
ESET Mobile Security Premium is a paid-for and easy-to-use mobile security solution for Android. In addition to malware protection, anti-theft, and anti-phishing, it offers privacy-related features such as app auditing, app locking, call filtering, and payment protection.
Usage
On the first start, users must agree to the EULA and Privacy Policy and can customize their data collection preferences. Next, users are prompted to create an account, or log in to an existing one, in order to activate the product license. Alternatively, users can continue with the free version. After granting the app permission to access all files and folders, the first device scan starts immediately. All the features can be viewed and accessed on the main screen.
Anti-Malware
Users can choose between two scan levels: Smart (installed apps) and In-depth (all files). In both cases, the internal and external device storage is scanned. Detection modules can be updated manually, and it is possible to toggle on-charge scans and to schedule scans. Further settings allow users to disable real-time protection for download folders and toggle the ESET LiveGrid reputation/feedback system.
Additionally, the detection of potentially unwanted and unsafe applications can be controlled here. The Adware Detector can help identifying installed apps that overlay the device screen with unwanted ads.
Anti-Theft
Anti-theft components are listed in the table below. During setup, users need to grant the app several permissions, including device admin rights, and configure a PIN to protect the anti-theft settings. The SIM card protection and other locking behaviours (e.g. number of unlock attempts, photo of the intruder) can be configured as well. Once the device recognizes suspicious behaviour (e.g., removing device admin rights from the app), it will enter the “suspicious mode”. In this state, the app locks the device and regularly sends data (photos taken by the front and back camera, device’s location, and information about connected Wi-Fi networks) to the web interface at home.eset.com.
Users can also trigger this mode from the web interface with one click. Device monitoring ends after 14 days but users will receive an email reminder 5 days before to extend the monitoring period. It is possible to automatically save the last known location when the device battery will reach a critical level. A locked device can be unlocked either with the ESET account password or a custom unlock code obtained from the web interface.
Web Protection
The anti-phishing component safeguards a wide range of browser and social networking apps against phishing attacks. An added layer of protection is provided by the Link Scanner, which sets the ESET app as the default browser to automatically scan links before they are opened in the user-defined browser. When enabled, SMS Protection and Notification Protection further enhance security by detecting malicious links in text messages and app notifications.
App Lock & Audit
App Lock allows users to protect selected apps from unauthorised access using a PIN or pattern. The locking type and behaviour (e.g., lock new apps after installation, lock after screen turns off) can be adjusted in the settings. With Security Audit, users can review important device settings and permissions of installed apps, including system apps, in a clean overview.
Privacy Protection
Call Filter sets the ESET app as the default “Caller ID & Spam” app, enabling it to block unknown/hidden numbers or contacts based on custom rules. The Safe Launcher app (ESET Payment Protection) is installed alongside the ESET app to prevent malicious apps from intercepting or altering on-screen information of protected banking and payment apps.
Conclusion
ESET Mobile Security Premium provides robust protection against malware and theft, combining a wide range of security features with a user-friendly experience. It stands out for its clear, concise explanations during setup and throughout its configuration options. All anti-theft features worked flawlessly.
| Anti-Theft Details |
| Commands Web |
| Device is missing |
 |
Marks the device as lost and regularly triggers subsequent actions. |
| Track |
|
Automatically tracks the location and displays it on Google Maps when the device is marked as lost. |
Play siren
|
|
Sounds an alarm on the device when marked as lost. |
Lock
|
|
Automatically locks the device when marked as lost. |
Message
|
|
Sends a message which is shown on the lock screen when device is marked as lost. |
| I have recovered my device |
|
Stops the automatic device monitoring and unlocks the device. |
| Download activity |
|
All the pictures taken, and locations noted, can be downloaded as an archive. |
| Additional Features |
Take Photo
|
|
Automatically takes pictures with the device’s front and back camera when the device is marked as lost. |
SIM Card Protection
|
|
Locks the device if a (trusted) SIM card is removed. |
| Uninstall Protection |
|
Marks the device as lost if device admin rights are removed from the app. |
G Data
Mobile Security
29.1.0
Introduction
G DATA Mobile Security is a paid-for security solution that incorporates various security- and privacy-related features such as malware scan, anti-theft, web protection, app lock, and app audit. A 30-day trial offered.
Usage
When first launching the app, users must accept the EULA and Privacy Policy and decide whether to share anonymous and/or malware-related data. After logging into their account, users are guided through a quick tour of the app’s main components and asked to grant notification permission. Next, they have the opportunity to adjust scan-related settings. Once access to all files and folders is granted, the app redirects users to the main screen and initiates an initial scan. The dashboard displays information about the app and license as well as a prominent scan button. Additional features can be accessed via the menu in the upper-left corner.
Anti-Malware
In the settings, the scan type of manual or scheduled scans can be configured. An App Scan checks installed apps only, while a System Scan includes all files stored on the device.
Signature updates can be set to run manually or at user-defined intervals, with an option to restrict updates to Wi-Fi connections. By default, G DATA scans newly installed apps automatically and performs periodic scans.
Anti-Theft
Anti-theft commands are listed in the table below. To activate anti-theft, the device must be connected to the G DATA Mobile Security Center and granted the necessary permissions. Available features include device location (Locate device), remote alarm (Trigger signal tone), and remote screen lock (Lock screen), which requires admin rights and a device lock screen to be set. Additionally, SIM card protection can be enabled. The web interface allows users to issue remote commands, view and adjust app settings (including battery-friendly scan options), start scans, and access general device information along with a history of actions performed by the app. Notifications are sent to a predefined email address whenever an anti-theft command is triggered.
Web & Wi-Fi Protection
When enabled, the Web Protection feature blocks phishing and malicious URLs in supported browser apps. It can be configured to activate only when connected to a Wi-Fi network.
App Lock & Audit
To enable App Control, users must create a PIN, which is required to open protected apps, set a security question, and provide a recovery email address. This feature also displays permissions granted to apps and allows users to uninstall apps directly.
Conclusion
G DATA Mobile Security offers a simple, user-friendly interface with a solid set of security and privacy features. All anti-theft features worked flawlessly.
| Anti-Theft Details |
| Commands Web |
| Locate device |
|
Displays the device location on Google Maps. |
| Trigger signal tone |
|
Sounds an alarm on the device. The alert is stopped, when the device is unlocked. |
| Lock screen |
|
Locks the device if a pre-defined Android lock screen is configured. |
| Additional Features |
SIM Card Protection
|
|
Locks the device and sounds an alarm if the SIM card is removed or changed. |
Google
Play Protect & OS Features
46.1.39
Introduction
Google-certified Android devices come preinstalled with Google Play Services and Google Mobile Services (GMS), which include essential apps and APIs that enable seamless access to Google services (e.g., Chrome and Gmail) using a single Google account. Among these, Google Play Protect provides built-in malware protection by continuously monitoring the device for malicious apps. Device security and privacy are further enhanced with anti-theft, safe browsing, and app auditing.
Usage
Play Protect is integrated into Google Play and available on supported, certified Android devices. Users can access it either via the Google Play app or Android system settings.
Anti-Malware
Play Protect combines on-device scanning with cloud-based analysis to detect potentially harmful applications (PHA) downloaded and installed from Google Play or other third-party sources. These include apps that hide or misrepresent important information and/or misuse permissions to access personal data, thus violating Google’s policies. Installed apps are automatically scanned once a day, and users can also initiate scans manually. When a PHA is detected, users are notified and prompted to remove the app, which also blocks future installations of it. Users can opt to send unknown apps to Google for further analysis. Scanning and submission of unknown apps can be disabled in Play Protect settings.
Anti-Theft
Anti-theft commands are listed in the table below. To issue commands to a lost or stolen device, users can use the Google Find Hub web interface at google.com/android/find or the dedicated app on a second Android device. Once a Google account is added to a new device, Find My Device features are enabled by default but can be changed via Android’s security settings. The interfaces display the device’s current or last-known location, battery level, time, and connection details (Wi-Fi name). The device can only be locked if a lock screen was previously configured. Issuing the lock command signs the user out of the Google account and removes stored Google Wallet payment information. If the device is lost, users can provide a custom message and phone number which is displayed on the lock screen. A remote factory reset deletes all data from the internal and external device storage. Advanced screen lock features (e.g., automatic locking when theft is detected, device goes offline, or remotely locking by a verified phone number) provide enhanced protection against theft.
Web Protection
Google Chrome for Android includes Safe Browsing by default. Under “Standard Protection”, users are alerted about dangerous websites and downloads. When switching to “Enhanced Protection”, URLs are submitted to the cloud for deeper analysis. Chrome also notifies users if their credentials are found in a known data breach.
App Audit
Android’s system settings provide detailed information about installed apps, including download source, version, notification and permission settings, and resource usage (e.g., mobile data, battery, storage). Users can uninstall or force-stop apps and adjust individual app permissions. The Permission Manager and option “Special access” group apps by the permissions they request (e.g., location, camera, contacts, device admin rights, all files access, appear on top, install unknown apps) and empowers users with even more privacy control. Permissions of apps, that have not been used for a few months, may be automatically reset.
Conclusion
Google Play Protect comes preinstalled on certified Android devices as part of the broader GMS suite. Depending on the device manufacturer, additional security features may be offered that complement or overlap with pre-existing GMS apps such as Google Chrome and Find My Device. All anti-theft commands worked flawlessly.
| Anti-Theft Details |
| Commands App & Web |
| Locate |
|
Displays the current or last-known location of all registered devices on Google Maps. |
| Play Sound |
|
Plays the device’s currently configured ring tone. |
| Secure device |
|
Locks the device with the pre-defined locking mechanism and signs out from current the Google account. A message and/or phone number can be displayed on the locked device screen. |
| Factory reset |
|
Triggers a factory reset and wipes the external storage. |
Kaspersky
Premium for Android
11.121.4
Introduction
Kaspersky Premium for Android is a well-rounded, paid mobile security solution. It offers a comprehensive set of tools to protect against malware, phishing, theft, and privacy violations. The app functionality is extended by additional features such as app lock, app audit, Wi-Fi security, unlimited VPN, data leak checker, notification protection, and a system settings checker. The Premium plan also includes licenses for separate Kaspersky apps, such as password manager and parental control (Safe Kids). Kaspersky apps are currently not available on Google Play. Users must download the app from alternative sources such as the Samsung Galaxy Store, Huawei AppGallery, Xiaomi GetApps, or directly from Kaspersky’s official website.
Usage
On first launch, users must accept Kaspersky’s EULA and Privacy Policy. Optionally, they can participate in the Kaspersky Security Network and allow data processing for marketing purposes. Next, users have the option to purchase a new subscription, activate an existing one, or continue with a free, feature-limited version. After an initial scan, the app encourages users to configure various security components and device settings. The main screen offers options to update the database and run a quick scan. All features are accessible via the bottom navigation bar.
Anti-Malware
When initiating a scan, users can choose between a quick scan of only installed apps, a full scan of all files on the internal and external storage, and a selective scan of specific folders or files. Scan settings allow fine-tuned control over scan frequency, update intervals, and scan behaviour. By default, the app detects adware and auto-dialers and analyses installed apps as well as APK files. Activating the extended anti-virus mode enables continuous monitoring of all file and app activities, with user-defined actions upon detection.
Anti-Theft
Available Anti-Theft commands are listed in the table below. Anti-theft functions are located in the “Where Is My Device” section. The setup requires configuring a secret code, pattern, or fingerprint. Additionally, SIM Watch and Uninstallation Protection can be enabled. From the web interface at my.kaspersky.com, users can issue remote commands such as Lock & Locate, Mugshot, and Alarm, including a custom message that is displayed on the lock screen. An email notification is sent after successful execution of Lock & Locate or Mugshot. The web interface also displays device information, such as battery level, activated security features, weak settings, and images taken and provides a unique recovery code to regain access if the unlock method is forgotten or biometric authentication fails. Results are automatically deleted from the web interface after 30 days.
Web & Wi-Fi Protection
The Safe Browsing component safeguards users from visiting phishing websites in supported browser apps. When enabled, any in-app links will be opened in Chrome. Users must accept Kaspersky’s VPN statement before using the unlimited VPN service. It then auto-selects the server closest to the device’s location, but users can manually select other locations. Advanced features such as Split Tunnelling, Kill Switch, and auto-connect for unsecured networks can be configured via the VPN settings.
Wi-Fi Security analyses the current network for vulnerabilities and gives security advice. Smart Home Monitor notifies users when new devices join the current Wi-Fi network.
App Lock & Audit
The App Lock feature allows users to protect sensitive apps with the same secret code, pattern, or fingerprint used for the anti-theft feature. My Apps categorises apps by permissions and displays details such as granted permissions, data usage, and storage consumption. It also highlights rarely used apps and offers a quick uninstall option.
Privacy Protection
Safe Messaging analyses links received in SMS and instant messages for potential risks. Call Filter automatically blocks incoming calls from blacklisted numbers. Weak Settings Scan checks system settings for any vulnerabilities. Data Leak Checker and Identity Theft Check monitor user-linked email addresses and phone numbers for data leaks. Stalkerware protection and Social Privacy, which helps review privacy settings of connected social media accounts, further enhances privacy.
Conclusion
Kaspersky Premium for Android delivers extensive security and privacy features, which are clearly explained during setup and fully customizable. All anti-theft commands worked flawlessly.
Norton
360 Deluxe
5.111.6
Introduction
Norton 360 Deluxe is a premium mobile security solution providing a broad range of security features, including anti-malware protection, safe browsing, app auditing, and SMS scam detection. Furthermore, privacy-focused features, such as Wi-Fi security, a built-in VPN, and data leak monitoring, are available. The Deluxe plan also includes licenses for separate Norton apps, such as password manager and parental control.
Usage
When opening the app for the first time, users must accept Norton’s subscription agreement. To activate the app, users must either choose a subscription plan, enter a product key, or log in with an existing account. After that, the app guides users through the setup process, requesting the necessary permissions for each protection feature. All features can be accessed via the bottom navigation bar.
Anti-Malware
By default, initiating a scan from the main screen scans only user-installed apps. Users can enable scanning of system apps and files on internal or external storage in the app’s security settings. Newly installed apps are scanned automatically, and periodic scans of all apps can be configured.
Web & Wi-Fi Protection
Safe Web blocks dangerous websites in supported browser apps and when using Outlook or Facebook. The app also integrates Safe Search, Norton’s search engine for safer browsing. Wi-Fi Security scans the current network for security issues, such as weak encryption. Automatic scanning can be enabled, requiring extended location permissions. The built-in VPN offers manual server selection, a kill switch, split tunnelling, ad tracker blocking, and auto-connect when connecting to unsecured Wi-Fi networks.
App Audit
In addition to app permissions, Norton reviews the privacy policies of installed apps and highlights the types of data they collect. The Device Security feature identifies potentially insecure Android system settings and provides recommendations to mitigate risks.
Privacy Protection
Safe SMS checks incoming text messages for suspicious or dangerous links. The Identity section enables users to monitor their personal information (e.g., email, phone number, credit card, passport) for potential data breaches.
Conclusion
Norton 360 Deluxe offers a variety of security and privacy features in a modern, intuitive user interface. The app provides clear, step-by-step setup guidance for each feature.
Introduction
Securion OnAV is a lightweight, free-to-use mobile security app that focuses primarily on protecting users and their devices from malware. This review covers the global version of the app, which differs from its original Korean counterpart.
Usage
Upon first app launch, users must accept the EULA, Terms and Conditions, and Privacy Policy. The app does not require user registration. Instead, it assigns a unique device ID to prevent duplicate sign-ups. All available functions and information are accessible via the minimalist main menu.
Anti-Malware
The automatic real-time protection can be turned on and off via the app settings.
The on-demand scanner checks the internal storage for malicious apps and files. Scan results display detected threats along with their full file paths, allowing users to review and delete items selectively. Previous scan results are stored in the Scan Log on the main screen.
Conclusion
Securion OnAV is a free, straightforward mobile security app that offers essential malware protection without requiring registration.
Award levels reached in this Mobile Security Review
Notes
The perfect mobile security product for all devices and all users does not exist. As with e.g. Windows products, we recommend drawing up a short list of products that might be suitable for you after reading our reviews about the advantages and disadvantages of each product. You can then install and test free trial versions of the candidate products for a few days (one at a time) to help make your decision easier. It is worth noting that for Android security products in particular, new versions with improvements and new functions are constantly being released.
All products tested this year qualify for our “Approved Mobile Product” award. To be certified, apps had to have a malware protection rate of at least 99%, not more than 10 FPs, and a battery drain impact of under 8%. Additionally, the core features of each program had to function reliably without any major issues.
| Avast Mobile Security Free is a well-designed, ad-supported mobile security solution that provides various, customizable security, privacy, and device optimization features. |
| AVG AntiVirus Free is a well-designed, ad-supported mobile security app that offers a wide range of features to enhance security, privacy, and device performance. |
| Avira Free Security is a straightforward anti-malware app that includes basic security and privacy-enhancing tools. |
| Bitdefender Mobile Security integrates a variety of tools to monitor and protect device security and user privacy, all within a clean and intuitive user interface. |
ESET Mobile Security Premium is a robust security app for Android which includes comprehensive security and privacy measures against threats, vulnerabilities, and theft.
|
| G DATA Mobile Security incorporates essential security and privacy capabilities in a modern, user-friendly interface. |
| GoogleAndroid provides built-in malware protection, anti-theft, safe browsing, and advanced app auditing features. Google narrowly missed the certification threshold due to the elevated number of misses caused by a bug. |
| Kaspersky Premium for Android combines extensive, fully customizable security and privacy features with an appealing and user-friendly app interface. |
| Norton 360 Deluxe offers a variety of clearly explained security and privacy features within a modern, intuitive user interface. |
| SecurionOnAV – Global is a free, straightforward mobile security app focused exclusively on providing essential malware protection. |
Copyright and Disclaimer
This publication is Copyright © 2025 by AV-Comparatives ®. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV-Comparatives prior to any publication. AV-Comparatives and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data.
For more information about AV-Comparatives and the testing methodologies, please visit our website.
AV-Comparatives
(June 2025)
