RSA 2015 Google takes a lot of stick from Apple and others over malware on the Android platform, but the company thinks the OS is now so secure that users don't need antivirus software.
Speaking at the RSA Conference in San Francisco this week, Adrian Ludwig, lead engineer for Android security, explained that Google is now scanning for malware so often and has become so adept at spotting malware that less than 1 per cent of Android devices has a malware problem.
"I'm conflicted about antivirus [for mobile]. It's tremendously valuable that all these security companies are doing this research, but for the end user the potential increase in value from a security standpoint is very small relative to the costs of space and storage and battery," Ludwig told The Register.
"That said, some people really want to run it and if it makes you feel better then by all means do it."
Over the last year, Ludwig explained, spyware installs on Android devices have fallen by 90 per cent, SMS fraudware installs has fallen by over 60 per cent, and malware overall has more than halved.
Part of this is down to the amount of device-scanning going on. Every Android device gets scanned at least once a week by Google's security systems, Ludwig said.
If you do have malware on your phone, chances are you're either in Russia or China. The Middle Kingdom tops the Android infection list, followed by the former Soviet Union, but the two cases are radically different.
In China, if you exclude rooting software, the malware infection rate is actually fairly low. But a lot of legitimate apps carry rooting software as a matter of course, so that users can bypass the security screens that normally pop up in Android.
Google is also highly unusual in the security industry in that it actually publishes its figures on false positives. Around half a per cent of computer alerts about viruses turn out to be false when they are inspected – a figure Ludwig said should fall further. ®