Manufacturer fears that encryption could slow down a phone’s performance have led many experts to estimate that of the 1.4 billion Android phones out in the wild, only 10% of them are encrypted.
When you compare this to the Apple stable which boasts 95% encryption on the iPhones in the market, you have to wonder whether Google has any control over original equipment manufacturers (OEM) and how they tinker with the Android operating system.
Aside from the Google suite of apps such as Gmail, Maps and Drive, OEMs are free to change the Android operating system (OS) as they see fit and that creates security issues because there are no standards OEMs have to adhere to.
“There is a push and pull with what Google wants to mandate and what the [manufacturers] are going to do,” Lead Security Analyst at Bluebox Security, Andrew Blaich told the Wall Street Journal.
Google has tried to enforce encryption before. In September 2014 when Android Lollipop was released Google bragged that Android phones would be encrypted from the moment a user turned the handset on.
Performance trumps protection
But OEMs soon found that the encryption slowed down performance by seconds on some lower end handsets. After an outcry, Google stopped enforcing the encryption standard.
The latest version of the Android OS, version 6.0 or as its more commonly known, Marshmallow, requires that OEMs encrypt handsets with high-end processors, but there seems to be little to no mention of handsets that aren’t running high-end processors.
But even high-end handsets aren’t all that safe. Since the release of Marshmallow last year October, only 2.3% of Android smartphones and tablets are running the OS.
With that said, even if you are using the latest version of Android there is no guarantee that the manufacturer has included encryption on the phone.
Of course, law enforcement wants this trend to continue because without encryption it’s easier for authorities to access any data they’re after. As we’ve seen in the ongoing Apple VS FBI case, encryption has all but locked down a phone that was used by a terrorist.
At the moment Google can remotely reset passcodes or bypass them altogether should the government request access to a smartphone. Encryption would mean this is no longer the case.
The caveat here is that without encryption, using a bit of malware and some social engineering anybody can access your information, not just law makers.
So before we all switch to Apple smartphones, we should keep an eye on the outcome of Apple’s feud with the FBI.[Via – Wall Street Journal] [Image – CC BY/2.0 Uncalno Tekno]