Atleast not after reading reports such as http://www.av-test.org/en/tests/android. If you really want to harden your applications against the major security threats, then here is some good news for you from a security solution company MetaForce which has announced MetaFortress for Android last week.
MetaFortress provides high performance anti-tamper protection for Android applications, enabling developers to secure applications against subversion, all forms of tampering, and other malicious attacks.
How does MetaFortress protect your applications? It integrates seamlessly with Android development environments to prevent repackaging of applications with malware. It puts an end to silent hacking, such as SMS fraud or dialling of premium services. It prevents data theft and stops any binary or static data change from hacking or malware. MetaFortress for Android is an automated, enterprise scalable system which uses a resilient, embedded protection system to give protected applications their own immune system that can resist infection by malware, and minimise and repair damage caused by hackers.
MetaFortress is an application level security solution. Other product on similar lines is Arxan’ Mobile Application Protection Suite consisting of EnsureIT® , GuardIT®, and TransformIT®.This solution provides robust security by ensuring integrity for the application layer in the mobile environment. The product shield applications against reverse-engineering of IP, tampering of code, key discovery and other man-at-the-end (MATE) attacks. Other such solution is Cenzic Mobile that delivers services that analyze Mobile applications and detect vulnerabilities in critical areas, including input validation authentication mechanisms, session security, encryption usage and policy compliance, and many more.
Securing a mobile device involves much more than application security. It broadly has three aspects - Hardware Security, OS level Security and Application level Security. Hardware level security involves security at the System-on-Chip(Soc) level, at the processor level to prevent the user from switching to processor mode and cryptography which can be implemented through hardwired co-processor or software. Some security features are provided at the Mobile OS level which needs to be harnessed. Application level security also involves content protection through DRM etc. Security of the Mobile device as a whole in case of a theft is also an equally important aspect.
Taking into consideration each aspect of the security helps in coming out with a robust and completely hardened application. There are numerous solutions available at each level towards mobile security covering which is beyond the scope of this article, but keep watching the space for more information on mobile security.