Testing Built-In Mobile Device Security Functions
October 14, 2014
By Jack Walsh

Mobile device manufacturers build an array of security features into smartphones and tablets. I suspect that the majority of us take for granted that these protections function and we assume that they will work properly when needed (e.g., remote wipe). But will they?

For several years, ICSA Labs has performed mobile device security testing on behalf of several mobile device manufacturers and mobile network carriers. Mobile devices are tested before they are available to users.

We test over twenty security protections that are built into Android and Windows smart phones and tablets. A few include:

  • Root Detection
  • Secure Boot
  • Authentication
  • Data Encryption
  • Local/Auto Wipe
  • Device Lock


Our test results may surprise you.  Our findings - following a device’s initial round of testing -indicate that some of the security functions built into yet-to-be-released smart phones and tablets do not function adequately.

On average, the devices we tested initially fail to properly implement close to 20% of the built-in security protection functions. To date only a single device passed mobile device security testing following its first complete round of testing.

Are these findings cause for alarm?


As long as manufacturers of Android and Windows devices work to resolve the issues and resubmit for another round of testing, ICSA Labs is confident that these devices will eventually demonstrate through testing that their security functions operate properly. 

These preliminary results should remind everyone of the importance of mobile device security testing.  Without it both mobile network carriers and mobile device manufacturers risk tarnishing their reputations if they fall short of protecting their customers.


Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

This question is for testing whether you are a human visitor to prevent automated spam submissions.
Enter the characters shown in the image.