CSA Releases New List of Recommended Security Apps to Boost Mobile Device Protection

The Cyber Security Agency of Singapore (CSA) has released a new list of recommended security apps to help members of the public identify suitable apps to download to better safeguard their mobile devices against prevalent phishing and malware attacks.

2. CSA first launched a list of recommended security apps in September 2023. Since then, CSA has reviewed this list and conducted a series of tests on 18 unique apps across Android and iOS devices. The tests referenced those that were carried out by established industry third-party test bodies such as AV Test and AV Comparatives. The apps were evaluated based on their performance in four categories, namely a. malware detection, b. phishing detection, c. network detection and d. device integrity checks. Of these, network detection and device integrity checks are new categories added in this review. Six security apps made the list (click to view the full infographic [PDF, 1.7 MB]).

3. The Four Categories

1. Malware detection involves the installation of the security app in devices and testing its ability to detect various malware samples – including original, rehashed and obfuscated samples. This process evaluates how well the app identifies disguised threats before they can compromise the device, making it crucial as a first layer of protection against a range of malware such as spyware and dropper.¹

1. Phishing detection is essential for identifying and blocking deceptive websites or suspicious URLs. The test involves accessing selected phishing links across different environments, such as via in-app browsers, dedicated browsers such as Chrome for Android users and Safari for iOS users or through a URL checker provided by the app. This is important as users will be alerted by the app when they attempt to access spoofed websites that can lead to identity theft or financial loss.

2. Network detection focuses on the security app’s ability to detect and alert users to common network-based attacks, such as Secure Sockets Layer (SSL) stripping and SSL decryption which are attempts to access or steal encrypted data. This methodology involves the simulation of such attacks to test whether the app can detect and alert the user to such attacks. This capability is important to protect users from data interception attacks targeting users’ financial details and login credentials.

3. Device integrity checks assess whether the security app can detect device settings that could potentially compromise the user’s security. The focus is on unauthorised rooting and jailbreaking modifications which could provide cybercriminals with privileged access to the device’s operating system. Other features such as the capability to detect the absence of authentication measures on the device such as biometrics also formed part of the assessment. These ensure that users are alerted to vulnerabilities in their device settings and help to secure the user’s mobile device environment.

4. CSA has assessed that for selected apps to be effective, they are required to score 50 percent and above in detecting malware and phishing attacks, given the stringent testing on the apps’ detection capabilities of malicious files and phishing sites at various stages. For the two newly introduced categories: network detection and device integrity checks, the criteria is a pass in either categories. This approach provides a balanced evaluation of new categories while ensuring effectiveness on the primary categories. Security apps marked as "Not Applicable" (NA) in a category indicates that the feature was not present at the time of testing. Apps must be minimally available in the Google Play Store or Apple App Store for their respective operating systems.

5. Mr Chua Kuan Seah, Deputy Chief Executive, Cyber Security Agency of Singapore said, “Cybercriminals are constantly devising new tactics to trick us and this is why installing security apps continues to be important. CSA has expanded the testing criteria for security apps to ensure that they are able to protect against rapidly evolving malware and phishing attacks. This list is intended as a reference to aid users in choosing which security app to download based on their needs and budget. CSA will continue to work with industry professionals and developers on improving solutions for the public to defend themselves against cybercriminals.”

¹ “Dropper” is a specific type of malicious software designed to deliver and execute other forms of malware onto a victim’s system and device.

About the Cyber Security Agency of Singapore

Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes.

CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg.