Android smartphone owners are being warned that their new devices may put them at serious risk from cyber attacks and malicious threats. That’s the latest news from the consumer experts at Which? who say devices are being sold on long-term contracts that will no longer get vital updates to keep them safe. Most Android manufacturers offer two or three years of Android upgrades but networks are selling phones that may not get these vital patches by the time a customer’s deal comes to an end.
The problem is so bad that Which? says around 48 per cent of phones available could lose security support before the end of the contract period.
O2 is one of the networks that caused the most concern as it offers deals that last for 36 months.
However, it’s not just O2 with other mobile phone retailers also selling a whole host of devices that could lose security support before contracts ended. In addition to O2, the proportion of contract phones on sale where there were similar problems were Carphone Warehouse (52%), Mobiles.co.uk (50%), Vodafone (50%), Three (40%), Mobile Phones Direct (38%) and EE (33%).
To make matters worse, Which? researchers say that they came across a number of popular handsets that are due to run out of support less than a year into the contract.
READ MORE: iPhone 12 slashed in price as Apple fans offered more affordable way to upgrade
These included the Motorola G8 Power (sold by mobiles.co.uk and Vodafone), Oppo Find X2 Lite (sold by EE, Mobile Phones Direct, mobiles.co.uk, O2 and Vodafone) and Samsung’s Galaxy S9 (sold by Vodafone).
Although the lack of long-term updates on Android is nothing new, Which? says that it’s the lack of transparency from networks that’s most concerning.
Four in 10 (40%) smartphone owners think that if they buy a phone on contract it will receive security updates throughout the contract period.
In response to the report, EE and Three said they disputed some of the mobile phone models included in the analysis, stating that these phones would be supported until the end of contracts.
Vodafone added that “support generally extends beyond the timeframe you reference.” However, Which? believes these phones could be out of support before the end of contracts, according to its research.
It’s clearly worrying as, once security updates are no longer pushed out, phones become easy targets for hackers who can use malicious software to take over devices and even install apps that subscribe owners to premium services without their permission.
Speaking about the report Kate Bevan, Which? Computing Editor, said: “Mobile phones without the latest security support could leave consumers vulnerable to hackers, so it is important that manufacturers supply these defences for longer and that retailers are clearer with people about the risks posed by phones that will not receive vital updates for the duration of contracts.
“The government’s Product Security Bill needs to ensure that manufacturers state the date a device will be supported until – and that this information is clearly displayed on retailers’ websites. Devices need to be supported for five years minimum across all manufacturers so that consumers are better protected.”