updated 03:44 pm EDT, Wed May 15, 2013
Drives developers to freemium model, hurts platform
New research from F-Secure Labs on the prevalence of malware on smartphones, along with developer data on game app piracy rates paints a pretty clear -- and damning -- portrait of Android compared to other mobile platforms. The growth in mobile malware on Google's platform is increasing at such a pace that the malware threat is approaching the relative level of compromised Windows systems, while the rampant piracy is driving developers away and making paid apps scarce in favour of the "freemium" model.
Android now accounts for 136 out of 149 known threats, with the remainder attributed to the now-discontinued Symbian platform. Other platforms, such as iOS and Windows Phone, remain essentially threat-free. The overall number of threats have increased 50 percent in just the most recent quarter, continuing a trend from the end of 2012 that saw rapid growth in Android malware, 76 percent of which are centered around privacy invasion or are for-profit scams hoping to trick the user into an unintentional subscription or other charge.
According to F-Secure, a typical example of Android malware is "SmSilence," which pretends to be a coupon app for a South Korean coffeehouse chain. Once used, the app checks to see if the native phone number of the device is from South Korea and if so, sends contact and other data to a server in Hong Kong. While Google has made efforts to make their own app storefront more secure, it allows others to build their own app stores, which may not be as safe.
One of the reasons Android fares so poorly against malware is that most of its users are on outdated versions of the OS. Though Google has improved security in more recent editions of Android OS, earlier versions prior to v4 continue to dominate. Another issue is that in most cases, carriers -- not Google -- decide when or if a given mobile device will receive and update, if ever, and often take weeks or months to customize the improvements to their models, hindering security improvements. Less than 10 percent of Google devices in use are running the latest 4.x Android OS versions.
On the other end, the rampant piracy in the Android community is also making it more difficult for developers to justify the expense of creating native apps for the platform. Studies done by at least two independent developers showed that paid apps on Android are 14 times more likely to be pirated than on the iOS platform. Game developers Butterscotch Shenanigans recently revealed piracy data on its game Towelfight 2, finding that the $1 game was pirated around 2,438 times -- about five percent of players. By comparison, 34,091 users pirated the game on Android -- 65 percent of players.
Stats like these have pushed Android developers into relying on the "Freemium" model, which makes the game free but includes in-app purchases, reports CultofAndroid. In some cases, the IAPs are nearly mandatory in order to finish the game, raising the true price considerably. Rovio, the creators of Angry Birds, said in an interview that it was initially forced to go to a freemium model on Android because its own studies showed that users preferred ads and accessories over even a very low purchase price.