Wireless - The NPD Group

Home » Bulletin

Have You Patched Your Phone Lately?

Viruses. Spyware. Malware – for years consumers have had to deal with them on their PCs. Are they prepared to fight them on their mobile phones, too?

Few of us like to talk about it, but the future for mobile phone security looks painfully similar to security (or lack thereof) on PCs. As mobile phones continue to evolve and morph into tiny personal computers with a telephony component, there is an ever-growing need for improved software security. In fact, the time appears to be coming when security patches for mobile phones become as ubiquitous as those we all have to deal with on our PCs.

Not a fun thought.

Bad News

Security firms see a growing threat. McAfee’s Avert Labs expects an increase in the number of global mobile threats this year, especially with the rise of smartphones. For example, Symantec recently reported as many as nine outbreaks of mobile Trojan horses aimed at Symbian smartphones. Likewise Trend Micro noted the “emerging threat” as it rolled out its latest security product for Nokia’s Series 60 platform.

Recent data from The NPD Group shows that sales of smartphones have been on the rise, albeit slowly. Sales in the U.S. have risen since last April from about 1.8 percent of all mobile phones sold to 2.1 percent in December 2005. Handset vendors plan to push smartphones even more into the mainstream this year, so even though the mobile phone security threat has been narrowly focused until now, the future looks less sanguine, as more smart devices enter the market.

(Some) Good News

But the news is not entirely dreary. Several companies now have on-device solutions designed to protect mobile smartphones against security threats:

McAfee is launching its VirusScan Mobile, a product billed as the first end-to-end security solution on the market.
Symantec offers its Mobile Security for Symbian phones.
Trend Micro has recently launched its Mobile Security 2.0 for Symbian devices.
F-Secure offers Mobile Anti-Virus software for both Symbian and some Windows Mobile versions.
Kaspersky Lab has recently unveiled Kaspersky Mobile, an antivirus product for smartphones.

Higher Stakes

Despite the best efforts of these companies, as with PCs there’s a likelihood that criminals will succeed in breaking through the barriers to launch attacks. The stakes are expected to grow even higher in the coming months and years, when phones add electronic wallet features that provide direct access to consumer bank accounts. Motorola plans to launch its M-Wallet initiative as early as this year, while Cingular has been testing a system for mobile phone payments at Atlanta’s Philips Arena. These initiatives will undoubtedly have good security; however, as the mobile wallet starts to take off, the bad guys will try that much harder to break through.

Of course we’d all like to think that security companies are up to the challenge, but many remain skeptical. It will be up to individuals to not only demand high standards, but also be willing to pay for quality security. At the same time, it will be up to all stakeholders – carriers, handset makers, security software makers, banks, and others – to offer rock-solid dependable products. Although consumers might balk at having to worry about security patches on their mobile phones, the prospect of an infected phone might be enough to spur them to greater vigilance.

Reality

The reality in the market today is that there is a dearth of comprehensive security solutions that involve mainstream users. To paraphrase noted wireless industry observer Mark Lowenstein, mobile security for enterprise users has been fairly solid, but worries remain about mobile security for consumers. Lowenstein’s solution is for a more aggressive, proactive and holistic approach to security – an approach that puts the onus on operators.

From NPD’s vantage point, vendors must get ahead of the potential problem while they can see it coming. It’s just common sense, as more consumers use mobile data applications on their handsets.

- Neil Strother, Research Director, Mobile Devices