According to a survey of US smartphone users commissioned by the Beyond Identity blog, iPhone users consider their devices very secure, while Android users are considering a switch because they don’t trust Google, their phone handset maker, or both. Most interesting is that the primary driver for this seems to be a new feature coming to iOS 16 that almost nobody will need to use.  “All mobile users should have expectations of privacy and security, and Apple and Google have invested substantially in advancing their platforms and enabling mobile app developers to build and ship secure code,” Brian Reed, chief mobility officer at NowSecure, told Lifewire via email. 

Equal Protection

Beyond Identity’s survey gives an insight into Android and iPhone users’ general security practices and shows that not everyone understands how or what their phones do to keep them safe. For example, while the proportion of respondents using six-digit PINs to lock their phones is almost identical for Android and iPhone users, some iPhone users reported using iris scanning (8 percent) or voice recognition (7 percent) to unlock their phones—none of which is available on the iPhone.  In reality, both platforms are more or less equal when it comes to the security of the operating system and how it works to protect you.  “In 2021, Apple launched a privacy initiative with clearer labeling requirements for mobile app developers about how they use, transmit and protect in their mobile apps,” says NowSecure’s Reed. “Google Play just launched a Data Safety program where android developers specify how they are using, transmitting, and protecting data. We’ve seen growing interest in consumers looking for and utilizing these new privacy and data safety programs to bolster their own privacy.”

Feeling Safe

Still, iPhone users generally feel safer than their Android-using counterparts. This may be due to Apple’s reputation as being very serious about security. And in fact, that feeling of safety might actually be a bad thing for Apple users.  “Most of the security features in either phone do very little to stop the most popular types of attacks. Seventy to ninety percent of all successful hacking involves social engineering, whether through email, web, social media, SMS texts, or voice calls. And those types of attacks are going to be as successful to users of an iPhone as to Android users,” Roger Grimes, data-driven defense evangelist at cybersecurity company KnowBe4, told Lifewire via email.  Because phones are very well hardened, it’s tough for a bad actor to gain access to anything useful if they’re starting cold, either over the internet or even with the phone in their hand. That’s why, for example, Brazilian criminals snatch phones from people’s hands while they are using them, so they remain unlocked, and the thieves can access their banking apps and steal money.  And it’s why social engineering, as cybersecurity expert Grimes told us, is the main way to steal data. 

Lockdown

According to Beyond Identity’s survey, the number one reason Android users envy iPhone users’ security is Apple’s upcoming Lockdown Mode, coming this fall with iOS 16, iPadOS 16, and macOS Ventura. Lockdown Mode is an extra-high-security mode that trades away some convenience to better protect the user from hacks.  It’s aimed at people who might already suspect themselves to be targets—activists and journalists, for example—and blocks things like message attachments and some web features, prevents USB devices from connecting when the phone is locked and prevents other exploitable features.  For most people, Lockdown Mode is overkill and will make your phone more annoying to use. But for those that need it, it’s an amazing feature. And in terms of publicity for Apple, it’s an excellent tool, as we’re already seeing from Beyond Identity’s survey.  The takeaway from this is that your phone itself is probably safe. The most likely vector for attack is you, the human in charge. Take care what you tap on, don’t believe weird-looking messages, emails, or phone calls, and always, always call back on a number you know will be good if you receive a call from a bank or other financial company.  Oh, and set your banking app to require a password if you ever visit Brazil.