Counterpoint Smartphone Market Share

counterpointCounterpoint has a new infographic based on their Q1-2015 Market Monitor report that tracks more than 75 top vendor shipments across countries that contribute to more than 95% of the total global smartphone volumes.

globalmobilephoneshare

The infographic is particularly good if you need region specific data.

Multiple App Publishers, One Company

trendmicroTrend Micro has an article on how companies should better ensure their (multiple) apps are published under the same account/name so that uses can better determine whether they are fake or not.

For example, how do users know all the Santander apps below are official?

santanderapps

Trend Micro previously published an alarmist article saying that “70% of top free apps have fake and mostly malicious versions in app stores” and that “80% of the top 50 free apps found in Google Play have bogus versions”. However, they later added the caveat that “Note that the fake apps samples we gathered are from third party sources and none was found in Google Play“.

So, if you only distribute via the Play Store (or App Store) should you care? I think so. If people download a bogus app from anywhere it can lead to loss of a user/customer, financial or information theft, fraud and loss of reputation/trust. You should direct end users to download from specific app stores, pre-declare your one publisher name and ask end-users to check this prior to downloading.

iOS vs Android: Which is more secure?

blueboxYesterday I posted about company app, platform and device preferences where Good Technology identified that iOS remains the most used device by enterprises (companies). One of the reasons for this is that iOS is perceived to be more secure than Android? But is this true?

About a year ago I posted how Marble labs found that iOS and Android were equally vulnerable to attacks. More recently, Adam Ely of Bluebox had a post on the Bluebox blog asking ‘iOS vs Android: Which is More Secure’. He explained that while iOS might be perceived to be more secure, it has had more vulnerabilities. He also talked about the Android and iOS sandboxes and correctly concluded that…

“With jailbroken devices, counterfeit devices and vulnerabilities, we have to assume in many cases, especially in BYOD environments, that the underlying operating system will be breached just as we assume with the operating systems on our laptops and servers”

The solution to the security problem doesn’t come from answering the question which platform is more secure. As I mentioned last month, you will never have complete app security. We can’t trust any end point and have to instead concentrate on protecting the sensitive data appropriately and as best we can.

Company App, Platform and Device Preferences

goodtechnologyYesterday I wrote about how mobile is paying off in the enterprise (companies). Today, I came across a new report on App, Platform and
Device Preferences (PDF) from Good Technology that digs deeper .

The report looks into apps and devices used by companies globally. Companies are mainly using office and communication apps such as contacts, calendar, email, IM, document access and the browser is actually the most used app for accessing additional business functionality. The insurance industry is an early leader in custom apps in that it represents over a third of all apps activated that access custom business processes.

goodtechnologyplatforms

As it happens, I have actually worked on one such (car) insurance app. I think the appeal for companies is that there’s a direct and quickly measurable impact for the (insurance) business. It allows access to new business and new channels in what’s a highly competitive industry. In other businesses, measuring the impact of custom apps can be less measurable and might even cannibalise existing access methods which might have some internal company inertia to ‘keep going’ even though they are out of date and inefficient. Less competitive industries than insurance have less incentive to care. However, with Google reporting upwards of 50% of us are now using mobile in preference to desktops/laptops, the laggards will have to eventually consider access via mobile, even if it is only from a web browser.

Android Pulling Past iOS in Generating Revenue

Re/code has an article on how recodeAndroid is Starting to Pull Past iOS in Generating Revenue for App Developers. I suppose it was inevitable that the large number of Android users would eventually tip the balance in terms of traffic and revenue share.

trafficandmediasharebyos

However, I expect some companies will continue to go iOS first. Why? Well, company strategy is often driven by familiarity rather than logic. Many company owners and their designers use iPhones and this will continue to influence mobile strategy. I am still seeing this in designs I receive in that they all too often include iOS idioms.

iOS Taking Market Share From Android

kantarKantar has some new research for Q1 2015 showing that Android switchers are driving iOS sales growth in Great Britain, Germany, France, Italy, and Spain. iOS share has increased by 1.8% to 20.3% since last year. Meanwhile, in the U.S., iOS reached a market share of 36.5% and Android 58.1%. iOS growth is mainly being driven by phablet sales.

336 million Smartphones Shipped Worldwide in Q1 2015

IDC has new research showing 336.5 million smartphones were shipped worldwide in the first quarter of 2015. Samsung has overtaken Apple as the leading vendor.

idcworldsmartphoneshipmentsq12015

There’s no mention of the mobile OS market share in this press release but, looking at the above graph, it’s likely to be relatively unchanged compared to previously.

Thoughts on Google’s Android Security 2014 Year in Review

androidI have finally got round to reading Google’s ‘Android Security 2014 Year in Review’ (pdf). I believe it’s mainly a public relations exercise to assure everyone that Android is safe and that Google is being proactive in improving security. However, having read the report it’s easy to come away with the impression that everything’s ok. There are few places in the report I thought “Yes, but…”.

First an obvious one. Google say they “provided device manufacturers with ongoing support for fixing security vulnerabilities in devices, including development of 79 security patches”. However, what they don’t say is that very few of them made their way onto consumers devices.

Google say “Fewer than 0.15% of devices that download only from Google Play had a Potentially Harmful Application (PHA) installed”. This doesn’t sound many. As an end user you will probably be comforted by such a statistic. However, what if you are a company with say 1000 employees? Statistically, at least one of them might be leaking company information. What if you are a bank with millions of customers using a banking app? If your app doesn’t adequately secure data then a very large number of people could be affected. I think what this means for developers is that just because there’s a low chance of infection, apps should still take exceptional steps to protect their own sensitive data and not solely rely on the fact the platform is secure most of the time. The fact that Android is “secure most of the time” is only of significance for end users.

androidphas

There’s lots of emphasis on Google’s Verify Apps that checks apps at time of install. This won’t catch everything. Attackers are getting good at installing skeleton apps and later downloading extra functionality after Verify Apps has stopped looking.

Also remember, security isn’t only about PHAs being installed. It’s also about the ability to easily obtain information from stolen devices, reverse engineer apps and other such activities that can cause nefarious deeds without even installing an app under Google’s Verify Apps.