Report shows one in three Android devices don’t utilize a passcode

Rob Attrell

January 20, 2016 6:15pm

Mobile smartphone security awareness is at an all-time high right now. The majority of smartphone and tablet owners know that keeping their personal information secure requires at least a bit of forethought. Simple acts, like setting a device password, keeping the system updated, and using secure wireless networks, can make the mobile Internet much safer.

Duo Security, an international mobile security company, has produced a report on the state of smartphone security. Based on analytics from the personal devices of employees accessing employer data.

The results include a number of insights into the Android ecosystem and its users, and here are a few highlights:

  • One third of Android devices don’t use lockscreen passcodes
  • Five percent of Android devices are rooted
  • Over 20 percent of Android devices are running Lollipop, a full version behind 6.0.1 Marshmallow
  • 32 percent of devices are running Android below 4.0, making them susceptible to the serious Stagefright vulnerability that was disclosed partway through last year.

Duo recommends Nexus devices, as they receive direct update support from Google. Delays from OEMs or mobile carriers can sometimes mean months before an important security update is made available to other Android smartphones. The company also suggests detecting users on a company network missing security updates, and encouraging those users to run updates when it’s convenient.

Duo has built a free tool, called X-Ray, to detect vulnerabilities to Android-based exploits. You can download the app from xray.io/dl on your phone or tablet, and learn more about the tool on the company’s website.

  • BriniaSona

    “Over 20 percent of Android devices are running Lollipop, a full version behind 6.0.1 Marshmallow” Because not all OEM’s have it ready yet.

    “32 percent of devices are running Android below 4.0, making them
    susceptible to the serious Stagefright vulnerability that was disclosed
    partway through last year.” When a decent plan in Canada costs 70+ per month for the lowest contract prices, I can see why people would keep an old phone.

    • Roger

      Moto G, $200-230 off contract.

    • Me

      Exactly. That should read “When people are uneducated and don’t research before buying, especially in Canada, I understand why they keep an old phone.”

  • Mo Dabbas

    If only Apple was involved somehow, Rob would have found a way to make everything sound positive. Lol.

    • Me

      Comment of the week. I agree with you 100%.

  • Me

    Aside from the 4th point, I can check off the first 3. No passcodes, rooted and Lollipop. Also, I’m just so fed up with these reports. Oh My! Lolipop is one FULL version behind the current one. As if lollipop was full of bugs and this was 2005. Even if Android stopped at lollipop and just added updates over it (Windows 10 style), it would still me an amazing OS I would pick over anything, any day of the week. Give it up already.

    • Roger

      I went back to Windows 7 on my laptop after trying out Windows 10 for a while. Sometimes it’s better to wait until bugs from earlier builds are sorted out.
      As much as would like Marshmallow on my Note 4 just for the sake of change, I’m not in a rush to get it as it’s working fine with Lollipop 5.1.1.

    • Me

      Exactly.

  • matus201

    This is a bit misleading. There are constant security updates on the app level (Google Play Services, plus many system apps like browser get updated regularly). In addition, Android is a little bit like Windows: my S6 runs lollipop, however has 1 month old security patch level. That’s same as if I am running Windows 7 with all the updates installed: just because it is not the latest system, does not mean it is not safe.
    Also, I think these reports should ignore cheap crap phones. You get what you pay for (or do your research, and buy a used nexus 5, moto g, or any other good cheap android phone).