Why people don't use anti-virus app on android?

Because most people are less susceptible to viruses on their phones. The phone environment is typically a lot more &quot;locked down&quot; than a desktop OS.<p>Not to say that it&#x27;s not a risk, but it&#x27;s one most people are happy to take (and largely get away with).

Play Services comes bundled with Android terminals (at least, as long as they come with the Play Store) and among other things, it monitors apps for bad behavior and check the apps you want to install. Mobile OSes come with a very lock down model, so it is harder for an app to monitor other ones (except for Play Services with its specific privileges), so it is probably way harder to create an AntiVirus app that actually does something useful. As long as you don&#x27;t install random apks (auto downloaded on shady websites or pirated apps), the chances of encountering an harmful app are very slim.

While there are plenty of android botnets out there, I&#x27;d say it is harder to get infected.<p>On windows you can get hit by many different attack verticals, where on android it is mainly from installing bad apps. As long as you aren&#x27;t installing bunk apk&#x27;s you are relatively safe.

There&#x27;s nothing to steal on my phone that isn&#x27;t already accessible on someone else&#x27;s server, and it&#x27;s unlikely that any software that I could download from the Play store can interact with Android with the kind of permissions that a real antivirus would need.

Android and PCs are an apples and oranges comparison.<p>On PC code can execute and do arbitrary things (Window 8 &quot;apps&quot; excluded). The only security protections on PCs is either ring 0 or not ring 0. It doesn&#x27;t matter if you&#x27;re Windows, Linux, or OS X the very nature of x86&#x2F;x86-64 is either &quot;root or not root.&quot; Virtualisation might change that equation one day, but containers still aren&#x27;t commonplace day to day.<p>So on PC application run away is a legitimate threat. You trust Adobe Reader, but if a website tricks Adobe Reader into executing an attacker&#x27;s code then Adobe Reader can do anything it has access to on that PC (which is everything in user-mode, which is a lot). So you use AV as a stop gap to try and catch some of these (although its effectiveness is questionable, things like Click-To-Play on browser plugins, automatic updates, NoScript&#x2F;Request Policy, and EMET are more reliable).<p>Android also has ring 0&#x2F;not-ring 0, but unlike PC very little runs in ring 0 anyway, and every user-mode application also has additional security restrictions placed on it. So for example downloading and executing code, while possible, it is far harder to escape even the application&#x27;s own context (since most of it is JavaScript in a WebKit component, not bytecode). So most code exploits don&#x27;t execute &quot;arbitrary&quot; code, they execute very restrictive code.<p>Plus then you have OS enforced app restrictions (manifest permissions). If an app gets hijacked by a bad guy, if the bad guy wants more access than the original author then they need to request it and that is user visible (might set off alarm bells). Even if they just keep the old permissions that may restrict what they can do.<p>Lastly the way Android is designed in general means certain common issues are mitigated, for example:<p>- Cryto-Blackmail (encrypt your stuff then blackmail you into paying or it will be deleted), most apps cannot access other app&#x27;s content, most content is backed up automatically, and if they can access other app&#x27;s content they may not get enough access to overwrite it.<p>- Sending spam or DDoS botnet: Android kills background processes. Android throttles processes using up too many resources.<p>- Stealing passwords: It is very hard for one app to &quot;spy&quot; on another app (rooted phones not withstanding). So if you enter your password on Chrome, you can reasonably be assured that the Space Invaders app didn&#x27;t &quot;see&quot; it (unlike PC, where one user mode process can trivially spy on another).