Which is More Secure: Apple’s iOS or Google’s Android?

Share this post

Some time ago, we wrote an article on the mobile OS headache where we explained that today’s banks and fintechs must deal with +50% of their customer-base using devices that no longer receive security updates. While there is a growing list for how a device can get infected, the most common channels are:

  • 3rd party applications that have tricked the user into installing something
  • Security issues with the web browser
  • Phishing-links over email or text messages

Google Android is by far the most common OS. Used in phones running as low as USD 30, Google has a history of being liberal with their software rights, allowing nearly anyone to make Android devices. This comes at a huge disadvantage as traditionally, the device producer provided all operating system updates. But today, Google enforces device vendors to supply just two years of updates. Google has become increasingly stricter with its updates, moving many of them from being vendor-provided to Play Store-provided. While this helps make updates more widely available even after vendors stop sending them to users, it also places the responsibility in the user’s hands to search for updates and download them themselves.

With Apple’s iOS, the situation is a bit simpler: Apple typically only releases updates for the latest major version of their mobile operating system. This means that as of November 2020, the iPhone 6s and up are fully supported. The iPhone 6s was released back in September 2015, so users receive updates for about 5 years. Of course, there are some cases where security updates for older versions of iOS are released as well, such as the latest series of security patches which aimed to protect devices from root-level malware infections after users visited certain web pages. Apple’s iOS is a lot more restrictive in the installation origin of applications, as it is not possible to install anything from anywhere except Apple’s walled garden, nor is it possible to install an alternative web browser engine. This gives a lot less freedom to the user, but it also means that there are fewer “entry points” for malware.

Read the full article at okaythis.com/blog.

Who is Okay?
Okay is the fully PSD2 compliant Strong Customer Authentication platform that provides transaction and authentication security to apps, shielding the entire authentication process from any threats. We help all issuers, remittance services, and e-wallet providers comply with PSD2’s SCA requirements to deliver multiple authentication methods, including biometrics and strong security mechanisms at the point of transaction. Want to get to know us better? Visit okaythis.com.

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?