Samsung may dominate worldwide smartphone sales, but Huawei is doing a far better job of keeping its smartphones secure by one measure.
If you own a Huawei handset that is eligible to receive Google's latest monthly Android security patches, you're far more likely to receive the update than owners of an eligible Samsung device, according to a new analysis by security firm Duo Labs.
"Despite Samsung making up 62 percent of the Android devices in our dataset that could receive monthly Android updates, only 15 percent of eligible phones had applied the latest security patch, placing them fifth among the nine OEMs in our sample," wrote Olabode Anise from Duo Labs' R&D team.
"In stark contrast, 77 percent of Huawei phones that are able to receive security updates were running the most recent security patch," he wrote.
The results are somewhat surprising, given Samsung's early commitment to Google's monthly patches and the fact the Korean electronics giant is by far the biggest Android vendor in the world.
Duo Labs said it compared the share of Android phones that can't receive Google's monthly Android security patches with phones that are eligible for the updates but don't have the latest security patch, and those that can receive them and do actually have them.
However, it didn't explain in the blogpost what it considers as eligible devices, which may influence the results of the analysis.
Google's current distribution figures for different versions of Android show that 77 percent of Android devices the connect to the Google Play app store are running a version of Android that can receive a patch.
Google began providing monthly Android security patches in August and currently builds patches for Android 4.4.4 KitKat through to the current Android 6.0 Lollipop. The 23 percent of devices running on versions below Android 4.4.4 can't receive Google's Android security updates.
On top of this, it's up to Android handset makers to customise patches for each model while delivery largely depends on carriers. Samsung was the first major Android OEM to join Google's efforts, announcing in August plans to patch Galaxy S, Galaxy Note and Galaxy A series devices on a monthly basis.
Huawei, which Google contracted to make the Nexus 6P phablet, has never made a similar statement around monthly patching.
At a high level, Duo Labs analysis indicates Google's efforts over the past year to nudge Android device makers into patch more regularly has had had a limited impact.
According to the security firm, 68 percent of Android devices are eligible to receive Google's monthly Android security patches, but as of April 30, only a quarter of those handsets had the latest patch.
Sign up for Computerworld eNewsletters.