The Encryption Divide across Android and iOS Devices

by Matt Klassen on April 1, 2016

android-l-will-offer-default-encryption-just-like-ios-8Had the FBI recovered an Android handset from San Bernardino terror suspect Syed Farook we likely wouldn’t have seen the encryption drama that unfolded over these last few months. The reason: Android phones are almost never encrypted.

That’s not to say that Android phones can’t be encrypted, or that Google doesn’t want Android phones to have the maximum amount of data security possible, in fact, quite the opposite is true on both counts, but factors unique to the Android world, most notably the various Android partners and the plethora of Android devices in the wild, are inhibiting the mass adoption of encryption technology.

The end result is that experts estimate that fewer than 10% of the 1.4 billion Android phones in use around the world are encrypted, compared with 95% of Apple’s iPhones, evidence once again why Apple was front and centre of the recent encryption controversy, because statistically if a smartphone is inaccessible, that smartphone is an iPhone.

As I mentioned, the reason Android phones are statistically less likely to deploy encryption measures is that Google doesn’t control the process the way Apple does. Google has created a global Android partnership, and leaves the decisions regarding encryption (and whether it’s turned on by default) to its device partners like Samsung and HTC. These companies, in turn, have resisted the urge to over-encrypt their devices, out of fear that it will hamper performance.

That leaves Google in an uncomfortable place, seeking the level of encryption that rival Apple has, but not wanting to make it mandatory for fear that it will drive its partners away. By contrast, Apple controls the entire smartphone development process, meaning that it controls iOS updates, it controls device manufacturing, it controls security, everything, and answers to no one but itself when it comes to creating the phone it wants.

This allows Apple to more conveniently and expediently update its devices, meaning more iPhones are running the latest software and more have the latest encryption standards. Again, by contrast, Android is a platform defined by fragmentation, with a very small percentage of Android phones actually sporting the latest software, meaning less encryption and more vulnerabilities.

That said, Google is taking a stand, stating that all Android phones running advanced processors will now need to be encrypted, meaning all current and future generation Android phones will deploy encryption by default.

While it may seem like Apple is winning the encryption battle, in an ironic twist the company’s mobile security has never been more tenuous. While the iPhone seems to be the clear choice currently for encryption security, the fact that the FBI has successfully accessed the phone at the heart of the recent encryption controversy means that Apple’s phones have a vulnerability, one that could leave people’s data exposed, and Apple has no idea what it is.

Further, given that the DOJ has dropped its legal action against Apple, the tech giant really has no means by which to discover what method the FBI used and how it bypassed Apple’s various levels of security.

Of course given my suspicions that the FBI manufactured this entire legal battle to bring the encryption debate into the court of public opinion, and the fact that it failed to win that fight after the phone was successfully cracked by a third-party, I suppose we can say there really are no winners here, only varying degrees of losers.

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Previous post:

Next post: