The findings come from a report published by Trend Micro in conjunction with Bloor Research and Altimeter that ranks the four main mobile operating systems for security.
The report follows the release in February by Trend Micro of Mobile App Reputation for Android and Symbian: a cloud-based mobile app scanning technology that is claimed to automatically identify, analyse and rate mobile applications for issues that could include malware, potential theft of private data and system resource abuse including battery, memory, and bandwidth.
Earlier that month Google revealed that it had been using a technology called Bouncer in Android market for several months to trap potentially malicious apps served up via Android Market. Trend Micro CTO, Raimund Genes, said it was "a great first step...but we still need to see security measures for all the other Android App stores."
When it revealed that it had been using Bouncer for some time, Google gave no indication of how many malicious apps it had detected, only that it had reduced malicious app downloads by 40 percent.
The problems with Android, the researchers say, relate partly to how the security is implemented and its dependence on user initiative and understanding. "The end user often fails to closely inspect the permissions request dialogue in their haste to use the app and, for the average end user, it is unclear when permissions are given and what the application is actually capable of.
"Once the application is installed, the OS doesn't recheck with the user and goes on to use the permissions without prompting the user again. This model, while theoretically more secure than the common sandbox on Apple iOS, has the net effect of putting each user in charge of their own security, rather than the operating system."