Did you as a Consumer thinking of encryption when you decide to buy a mobile? According to a report in The Wall Street Journal about 95 percent of all iPhones are encrypted, compared with less than 10 percent of Android phones, iPhone owners much more likely to use encryption than Android users, Where Most Android phones are not encrypted, either by user choice or manufacturer design.
Several critical differences exist in encryption technology applied to Apple and Android phones, noted Navroop Mitter, CEO of ArmorText. Android smartphone owners have to take extra steps to encrypt their data.
“Apple puts out a single device variant at a time and controls how the operating system updates work with older devices,” he told LinuxInsider. “This determines if certain new security features will be available for older iOS devices or not and if the user experience impact is acceptable.”
Manufacturers often use the Android OS on lower-end devices. Those cheaper smartphones lack the processing power to encrypt the device without destroying user experience, Mitter said.
Apple has simplified the process of encrypting its devices and their contents, but it requires using a passcode.
“This is something more than 64 percent of smartphone users do not do,” said Mitter.
Why the Difference?
Google does not require manufacturers of Android-based phones to encrypt their devices. That’s partly because of a long-standing concern from manufacturers that performance would be impacted, according to Nathan Wenzler, executive director of security at Thycotic.
“Since Google’s Android business model relies on as many manufacturers as possible building and selling Android phones, they are not in a good position to require the manufacturers to encrypt everything,” he told LinuxInsider.
“It should be noted that Google does use encryption on their own Android devices and has publicly discussed how they would prefer if their partners would do the same,” Wenzler said.
Design is another factor. The Android OS has supported encryption for a long time, although it has not been enabled by default on most Android devices, according to Robert Grapes, vice president of marketing and operations at Graphite Software.
“Android users have been capable of enabling the encryption on their devices since Android 4.x. While Apple, as the sole provider of iOS, can declare encryption by default, it is more difficult for an open ecosystem like Android to enforce encryption by default across all of the OEMs,” he told LinuxInsider.
“Perhaps without consumer demand, the OEMs simply chose performance over a feature that may or may not have been valued,” Grapes added.