Pixel XL Galaxy S7

A previous version of this article noted BlackBerry was not included on the list. After further review, the Google provided documentation shows they were, specifically the BlackBerry Priv.

In its 2016 Android security year in review post, Google highlighted steps it has taken over the course of the year to thwart malware and malicious apps on the Play Store. The company said that only 0.05% of apps downloaded from the Play Store in 2016 had a Potentially Harmful Application, down from 0.15% in 2015. Verify Apps — which periodically scans your phone for harmful apps — conducted 750 million daily checks in 2016.

Google has also collaborated with manufacturers and chip vendors like Qualcomm, MediaTek, and NVIDIA to address known vulnerabilities via monthly security patches. Over the course of the year, that included fixing 655 vulnerabilities — more than half of which were of a high severity, a 275% increase from 2015. The company said that it has delivered a security patch to 735 million phones covering more than 200 manufacturers and over 2,000 models, or roughly half of the 1.4 billion Android devices active today.

Google is now working to get updates delivered faster and to more devices, and in the process has shared phones that have received a "60% to 95%" update rate. Google checked Play Services for devices that ran the October security patch or higher during the month of December, and found that these were some of the devices that received quick security updates. Unsurprisingly, the list has a lot of Nexus phones:

  • Google Pixel
  • Google Pixel XL
  • Motorola Moto Z Droid
  • OPPO A33W
  • Nexus 6P
  • Nexus 5X
  • Nexus 6
  • OnePlus 3
  • Samsung Galaxy S7
  • Asus Zenfone 3
  • bq Aquarius M5
  • Nexus 5
  • Vivo V3 Max
  • LG V20
  • Sony Xperia X Compact
  • BlackBerry Priv

What is included in the list is the Vivo V3 Max, a best-seller in Asia last year. With Vivo and OPPO steadily gaining ground — they're now the fourth- and fifth-largest smartphone vendors globally — it's great to see these Chinese companies commit to regular security updates.

Asian markets are skewed toward mid-range devices, and it's telling that not a single phone from HTC, Huawei, Lenovo, and Xiaomi made the list. Samsung is also at fault here. Although the S7 picked up regular updates, the Galaxy J series — the company's best-selling lineup in India — is not featured, nor are any devices from the Galaxy A series.

Going forward, Google said that it would work closely with its global partners to streamline the update process, which should hopefully see more devices getting security updates on a monthly basis. If you're interested in the findings from the Android Security team, check out the webinar below: