200 Points
If possible, only obtain apps from trustworthy stores that support security updates and integrity checks. These are, for example, the Google Play Store, the GrapheneOS App Store or the Accrescent project.

More information

F-Droid and the Aurora Store also offer open-source apps, but have known weaknesses when it comes to updates and signatures. Only use them if you are familiar with the risks (apps could be malicious). Manufacturer websites can also be trustworthy - but check whether the app there is signed and up-to-date. Apps from the Google Play Store may be safer, but you will be tracked by Google and need PlayServices and a Google account. Projects such as Accrescent or GrapheneOS App Store are preferable, but so far only offer a few apps. Tip: Only install apps that you really need. Every app is a potential risk.

Particularly important for the following target groups:

  • Fraud and rip-off

Other categories

  • Apps and operating system
  • Rather more complicated

Sources and further links

  1. Android malware: 90 apps with 5.5 million installations discovered, heise.de, (de), 2024-05-30
  2. Black Hat Europe 2023: New "AutoSpill" attack on Android password manager, heise.de, (de), 2023-12-10
  3. Download accrescent app, accrescent.app, (en), 2022-03-06
Show complete list