Do you really need protection?

Every PC user knows that going online carries with it the danger of picking up a computer virus. But are the dangers the same with mobile surfing? Not quite... so far.

Nonetheless, there is plenty of talk out there about dangerous mobile software, a lack of awareness about the need to secure mobile devices and a heightened danger for mobile devices and their users.

But a lot of that talk is coming from internet security businesses that would like to see their wares on smartphones. Experts aren't quite as sure. Some even advise against virus-scanning software. It's enough to pay attention to the origin of the apps you download, they say.

"You could say that the anti-virus software makers have a great interest in playing up the danger, sometimes bigger than it really is," says Juergen Schmidt, chief editor of a German security publication. But he says the threat to smartphones is much smaller than that to Windows computers. "A virus scanner is, for now, definitely not a must for a smartphone."

The relative threat is not the same for all mobile operating systems. "At the moment, the risk for Android smartphones is higher. Some experts already say ‘Android is the smartphone Windows of the future,'" explains Schmidt, referring to Windows susceptibility to viruses on PCs.

There is also some malware out there that targets the old Symbian system, whose applications can be installed for free, like Android apps. Meanwhile, there aren't many threats out there for Blackberry or Windows mobile systems.

The best when it comes to security is Apple's iOS, since it will only accept apps that come from the official App Store, meaning they've all been reviewed by Apple.

"You can say what you want about the reviews by Apple, but it has certain advantages when it comes to security aspects," says Schmidt. At the very least, it minimises the chance of a virus spreading, since it can easily be removed from iTunes.

But iOS devices aren't the only ones that can do without virus scanners, firewalls and the like. Other systems are sometimes better off without, primarily because the security programmes slow down the smartphones. "It's another drain on resources. It affects the battery and sets off alarms," says Schmidt. "You get everything that people used to hate with Windows."

It would be better to have more pre-loaded anti-virus tests in the shops where the apps are sold, like Google's.

"In the mid-term, we need whole new technologies," says Norbert Pohlmann of the Institute for Internet Security at the Gelsenkirchen, Germany, University of Applied Sciences. That would mean separating vital from non-vital programmes on smartphones, for example. The biggest problem is the way that users blindly download apps: "It's a new challenge, to discipline oneself against downloading everything."

One vulnerable area is online banking, with banking Trojans trying to access bank security data. "The Trojans are trying to jump from PCs onto smartphones," says Schmidt.

The malware disguises itself as being from the bank and tries to access a mobile number. Smartphone users might be asked to install an app or a fake certificate.

Schmidt also advises that most people only install software from trusted sources. "That way you can shut out the majority of the risk and, at least for a moment, rest easy." But just one problem remains. There's always a good appetite for information linked to a user, especially from apps and the people who make them.

"You can pull more information than from a PC, even data about movement," explains Pohlmann. But that puts users in a dilemma. "Many apps are useful, and if you place a lot of value on data security and privacy, then you're kind of left there all alone," says Schmidt.

A compromise might be only using popular apps. "Users should only install widely used apps, not just any new thing with only a little market share, where you don't know what's behind it," advises Alexander Tsolkas, an IT security expert and freelance security adviser.

Mobile operating systems can really pose security surveys for users upon installation, which allow all users to set access levels. It's easy to get suspicious if a programme seems a bit too curious. For example, if a navigation app wants contact data, the ability to read text messages and the power to start up applications.

But the security questions are at best a blunt instrument, says Schmidt. "People have completely gotten used to just ticking off everything."

And even if they read the questions closely, most users are overwhelmed by the options. "It is very hard to judge accurately why an app needs to access certain data."

— dpa