CSA launched the first version of its list in September 2023. Since then, the agency has reviewed it and conducted tests on 18 unique apps across Android and iOS devices.
“The tests referenced those that were carried out by established industry third-party test bodies such as AV Test and AV Comparatives,” CSA said.
The listed apps were evaluated across four categories.
The first category is malware detection, which involves testing the ability of security apps to detect various malware samples – including original, rehashed and obfuscated samples. Apps were evaluated on how well they identified disguised threats before they could compromise the device.
This is crucial as a first layer of protection against a range of malware including spyware and dropper – a program designed to deliver and execute other forms of malware onto a victim’s system and device.
Due to the security architecture on Apple’s iOS, security apps cannot scan other iOS apps for the presence of malware. Therefore, that functionality cannot be tested on iOS devices, said CSA.
The second category, phishing detection, is essential for identifying and blocking deceptive websites or suspicious URL, CSA said.
The test involves accessing selected phishing links across different environments, such as via in-app browsers, dedicated browsers such as Chrome for Android users and Safari for iOS users or through a URL checker provided by the app.
Users will be alerted by the app when they attempt to access spoofed websites that can lead to identity theft or financial loss.
Network detection tests focus on a security app’s ability to detect and alert users to common network-based attacks, such as Secure Sockets Layer (SSL) stripping and SSL decryption – which are attempts to access or steal encrypted data.
Such attacks are simulated to test whether the app can detect and alert the user. This helps protect users from data interception attacks targeting their financial details and login credentials, CSA said.
Lastly, device integrity checks assess if an app can detect device settings that could potentially compromise the user’s security.
“The focus is on unauthorised rooting and jailbreaking modifications which could provide cybercriminals with privileged access to the device’s operating system,” said CSA.
Other features, such as the capability to detect the absence of authentication measures on the device – including biometrics – are also assessed.
These capabilities will ensure that users are alerted to vulnerabilities in their device settings and help to secure the user’s mobile device environment, said CSA.
The latter two categories were added in its latest review of security apps, CSA said.
For selected apps to be deemed effective, they are required to score 50 per cent and above in detecting malware and phishing attacks. In the newly introduced categories of network detection and device integrity checks, a pass in either category is required.
“This approach provides a balanced evaluation of new categories while ensuring effectiveness on the primary categories,” CSA said.
The apps are available in the Google Play Store or Apple App Store for their respective operating systems.
“Cybercriminals are constantly devising new tactics to trick us and this is why installing security apps continues to be important,” said Mr Chua Kuan Seah, deputy chief executive of CSA.
Mr Chua said that his agency has expanded the testing criteria for security apps to ensure that they can protect against rapidly evolving malware and phishing attacks.
“This list is intended as a reference to aid users in choosing which security app to download based on their needs and budget. CSA will continue to work with industry professionals and developers on improving solutions for the public to defend themselves against cybercriminals.”
