Whenever a new phone comes out, it’s easy to get excited about its new features. But experts say users should take into account how long the devices they’re buying will receive security updates and buy phones that offer longer support. The upcoming Pixel 6 and Pixel 6 Pro, for example, both guarantee five years of security updates after release. “Security updates are crucial since they can protect users from the vast majority of mobile threats, especially when they’re used in conjunction with other good mobile security habits such as using a passcode, avoiding unsafe wireless connections, and avoiding sideloaded apps (apps downloaded outside the official Google Play Store),” Jasmine Henry, director of cybersecurity at Esper.io, told Lifewire in an email. “No software or firmware is perfect, and monthly updates keep you protected from the latest techniques used by hackers.”
Update Protocol
When it comes to long-term updates and support, Apple is the clear winner, with many of its devices like the iPhone 6S—originally released in 2015—still eligible for the latest operating system (OS) update, iOS 15. On the Android side of things, though, many phones are lucky to get three years of security support, let alone that many years of major OS updates. Each year, Google releases a new version of Android, making major changes to the OS and its security systems. But the updates don’t stop there. “Every month, Google publishes an Android Security Bulletin, and it’s up to manufacturers to integrate these changes. Not every manufacturer releases updates quickly, and some offer less than two years of update support,” Henry pointed out. While these patches don’t make any big changes to the user experience of the OS, they’re important because they make the environment your phone is running on more secure. We rely on our phones a lot each day; whether that’s texting, using social media, or watching videos on sites like TikTok or YouTube, every moment you spend on that device is a chance for your personal data to be stolen if you aren’t properly protecting yourself.
Due Diligence
Even when security updates are readily available, though, many users don’t take advantage of them. According to Verizon’s 2021 Mobile Security Index, over 93% of Android devices are running an out-of-date version, and that’s only when comparing major Android version releases. If that many users are unlikely to install the major updates that come out—updates that bring massive changes—then it’s also likely that many are missing out on the smaller patches released monthly for newer devices. It’s great to see companies like Google pushing the mark by offering five years of security updates, but these patches will only be worthwhile if users install them. Running an unpatched device means you’re choosing to put your data at risk. Considering many use their phones to access bank accounts, payment systems, and share personal data through texts and other communication means, Henry notes it’s important to always have the most up-to-date protection available. “Applying patches in a timely manner will protect you from the vast majority of security threats, since most mobile threat actors target known issues in unpatched phones,” she said.