According to a study by Upstream’s Secure_D, when compared to Q1 2019, there were 55% more fraudulent mobile transactions and devices infected with malware in Q1 2020.
What was even more stupefying was the Buzzfeed article where George Cleaves, Secure-D’s Managing Director accentuated that malware was now found pre-installed in brand new phones – out of the box.
The phones which belong to Transsion Holdings, the manufacturers of the Tecno, Infinix, and Itel brands, targeted low-income users. The malware-infected devices end up subscribing users to paid services and consuming the mobile data in their phones, without their knowledge or consent.
The big question is, how does this happen? How do users end up having built-in malware in their brand new phones? Let’s explore.
In order to understand the concept of Android fragmentation, we need to walk down memory lane. In 2007, the Open Handset Alliance, with a dream to accelerate innovation in the mobile space, while offering consumers affordability, developed Android. Android, in their vision, was going to be open and free.
Unfortunately, this decision came with some problems that have plagued the Android Operating System (OS), for over a decade. This bracket of problems can be referred to as Android fragmentation.
The many facets of Android fragmentation
There are several facets of this phenomenon:
- the 10 versions of the Android Operating System
- The variety of device manufacturers whose smartphones run on the Android OS
- The Android-based Fire OS that powers Amazon’s Fire tablets
In comes outdated software
One of the by-products of Android fragmentation is Android devices that run on outdated software. Google only creates phones with a complete version of Android but allows companies to create their own operating systems.
What this essentially means is that companies manufacturing devices may not match their hardware and software, as the development and production cycles may not be similar. Let’s explore this in the next section.
Google’s Pixels and Nexus phones
The only Android phones that get timely updates, at least from a manufacturer’s point of view are those manufactured (and sold) by Google. According to Google support, Pixel and Nexus phones get Android updates within 2 weeks from the release of the update.
Pixel phones continue to receive Android updates 3 years from when the devices were first available on the Google Store, while their Nexus counterparts receive updates up to 2 years from their Google Store availability.
Unfortunately, this is not the case for other manufacturers. This article from computerworld.com says it all. Various device manufacturers were rated based on their Android Pie (Android 9.0) updates on their devices. Here are screenshots from some main players (spoiler, Google scored a clean A):
Other manufacturers’ Android OSs are so highly customized that they still need customization even after Google releases security patches for Android.
It is no wonder then that it is possible to ship brand new smartphones with outdated software!
How do I know if my phone is out of date?
Unfortunately, mobile phone manufacturers never notify their users when they stop updating the devices. They leave it at Google’s discretion. That leaves the users to find out whether they are using a phone with the latest software or not.
Visit your manufacturer’s site
Checking for software updates is seemingly complex. The best way, however, is to visit your particular manufacturer’s support page on their website.
Alternatively, you can do it manually.
- Click the settings menu (usually an icon on your home screen – image below)
- Then click ‘software update’ or its equivalent, depending on the phone you are using. It should show you the date of your last update.
If it indicates that you have the latest Operating System but that it was installed several years ago, then this indicates that your phone is no longer supported.
Download new apps
The other way to tell whether your phone is running outdated software is by downloading new apps. If the apps are incompatible with your phone then the software is outdated.
Google requires mobile manufacturers to provide security updates for mobile phones two years after they are sold. However, Apple has gone an extra mile by providing security updates for devices that were sold five years before.
How to update your phone
For a phone to be successfully updated, the CPU, memory and other hardware components should be compatible enough to run the new OS. Additionally, the user needs to activate automatic OS updates from his or her end to allow the new software to run.
Does it matter whether your smartphone’s software is up to date?
Yes, it does! Here are the benefits of updated software:
- It enhances your security and privacy – with updated software it’s hard for cybercriminals to hack your phone and access your private data.
- Increased phone speed – if your phone is getting slower, updating the software will help it work at top-notch speed.
It is important to note that buying a brand new phone is not a guarantee for updated software, especially if you are going for an Android OS. It is only prudent to do your homework and ascertain that you get a device that will not expose you to security threats.