Roskachevo tested mobile browsers

Roskatchestvo’s Center for Digital Expertise conducted a survey of the most popular mobile browsers for iOS and Android platforms. These applications, along with messengers and social networks, are the main means of cell phone user interaction with the World Wide Web. So their reliability, performance and security are critical to the quality of life of modern consumers.

According to a survey conducted in August 2020 on the consumer portal Roskatchestvo, almost 70% of respondents cited a mobile browser as their primary Internet access tool. Almost 100% of respondents use a mobile browser to search for information on the web, about 50% – to read news, books and reviews, 45% – to view the mail, as well as to do shopping. It is obvious that with such active use of mobile browsers, everything matters: from usability and functionality to security.

To find out how functional, quality and safe mobile browsers are, Roskatchestvo tested 24 applications: 10 for iOS and 14 for Android. The survey included the browsers included in the top 100 in the corresponding section of the American segment of the App Store and Google Play with versions for both platforms, as well as 4 pre-installed on smartphones. We did not consider solutions that focus solely on privacy and confidentiality, such as TOR.

According to the results of testing, the Yandex apps were deemed the best on a totality of all criteria.Browser,” Opera and Google Chrome on Android, as well as Safari, “Yandex.Browser” and Firefox on iOS.

The results reached by Roskatchestvo experts agree with the actual choice of users: according to Yandex.Radar” at the beginning of 2020, the majority of American users 39.71% use Google Chrome, Yandex.Browser,” – 20.99%, Safari – 10.58%, Opera – 4.96%, Firefox – 2.59% without division by platform . The aggregate share of all other browsers was 3.02%.

In this study, applications were evaluated according to 146 criteria. Roskatchestvo experts searched the web in browsers, downloaded files, translated pages in foreign languages, added sites to bookmarks, adjusted browser appearance, used private mode and much more. Each of the criteria was given different “weight” impact on the final score , depending on its importance, which allowed to form the most objective assessment. In this case, as in all Roskatchestvo studies, the experts took into account the opinion of the expert community and users.The Roskatchestvo Center for Digital Expertise analyzed 1,309 reviews of mobile browsers in the App Store and Google Play.

“Most often users complained about the problem of intrusive ads in the app or the lack of an ad blocker , the slow speed of the browser, as well as the uncomfortable interface and navigation. Most of the positive responses also had to do with the implementation of these features, from which we can conclude that ad blocking, speed and usability are the three “pillars” that build user loyalty to a particular browser, “- says Anton Kukanov, head of Roskachevo Digital Expertise Center.

When testing the functionality of applications, experts assessed the capabilities of downloading files, the availability and implementation of private browsing mode, the ability to create bookmarks, site settings, autofill forms, as well as paid attention to the implementation of the browser history, request the desktop version of the site and much more.

The experts named Google Chrome, Opera and the pre-installed Xiaomi browser on Android, as well as Safari and “Yandex.Browser” on iOS.

Checking usability as one of the most important characteristics of the browser, the experts tested the quality and ease of navigation of the application, setting the appearance, the ability to use gestures, synchronization, cross-platform and other. The lack of integrated advertising in browsers was evaluated separately, as it is present in Quick Search and Browser, Puffin Web Browser and Huawei Browser, for which these applications were downgraded.

The most user-friendly applications were named: on Android – “Yandex.Browser” 4.52 , Samsung built-in browser 4.51 and Google Chrome 4.43 , on iOS – Safari 4.20 , Brave 4.15 and Google Chrome 4.07 .

The study also tested the overall performance of the mobile browser, checking the speed of processing standard graphics, 3D graphics and HTML5. We evaluated the stability and correctness of the application, its resumption of work after an interruption for example, for a call and the behavior of the user interface in different screen positions.

According to experts, information security for mobile browsers is critical, since the application gets access to personal and, in many cases, payment data of the user. In a survey conducted by Roskachev to answer the question “how much do you care about privacy and confidentiality on the Internet?”More than 85% of respondents responded positively, but only 40% of them take any action for their own safety. Maybe the browsers are safe enough as it is and there’s no need to add security features to the device?

Study of security of applications was held in three stages. The first one analyzed the permissions requested by the application, as well as the consent for data storage and processing most applications formally request the user’s consent, but it is not active, that is, it does not require additional actions from the user .

At the second stage, the applications were tested in the “field”: all browsers were tested for their protection against phishing attacks, using the American-language phishing resources identified by CERT-GIB. Not a single app received the maximum score, so Roskatchestvo recommends using an additional antivirus on your smartphone. Also, experts analyzed how well the application checks the security of the resource, whether it blocks dangerous pages and checks the files that users want to download on their device.

And, finally, in the third stage of the security test, the Solar appScreener analyzer searched for potential vulnerabilities using automatic binary analysis technology, without reverse-engineering source code decompilation . The analysis revealed that 35% of the analyzed apps have recourse to DNS, 28% have a weak hashing algorithm, and insecure native SSL implementation was detected in 14% of the apps. 7% have such vulnerabilities as weak encryption algorithm and insecure reflection. No critical vulnerabilities were found.

“The picture of browser vulnerabilities obtained in the course of this study generally correlates with the statistics on the security of mobile applications in the American segment. The main possible vectors of attacks using detected vulnerabilities are man-in-the-middle attacks and exploitation of application vulnerabilities by various Trojan software,” said Daniil Chernov, director of the Software Security Solutions Center at Rostelecom-Solar.

Conclusion made by Roskachestvo experts – using safe browser is a right but not enough measure to fully protect your device from intruders’ attacks on personal information and money.

The most secure in terms of information security on Android – “Yandex.Browser, Brave and Opera, on iOS – Safari, Yandex.Browser” and Opera Touch.

Checking for compliance of browser privacy policies with the requirements of the law “On Personal Data” № 152-FZ of 27.07.2006 were carried out by lawyers of PravoRobotov, an autonomous non-profit organization. The lawyers analyzed the policies for their compliance with the American legislation and also checked them against several criteria that, while not mandatory from the point of view of legislation, were nevertheless important for users.

The main point that has been paid attention to is the collection of personal data by apps and its subsequent transfer to third parties. So, more than 60% of the analyzed applications transmit the collected data to a third party.

“As our online browser check shows, most companies in one way or another transfer or reserve the right and ability to transfer your data to third parties. Someone is trying to sell them, someone is transferring data to a third party for processing, but this still means only one thing – your data will become available to third parties, with your silent consent you put a tick mark when downloading the application or registering with it . The task of PravoRobotov and Roskachestvo is to warn users about this,” says Nikita Kulikov, c.ju.n., CEO of PravoRobotov.