The paper notes that there's been two major updates since November 1 2014 (that's Android 4.4 and Android 5.0's preview), with the former now on over 41 percent of devices. These latest versions include better disk encryption, guest modes and improved authentication methods that allow guest users to use a locked device if they're a familiar face (literally), or near a trusted device -- say the guest's own smartphone. Devs also now have increased access to tools to detect (and fix) vulnerabilities, which should hopefully speed up solutions when something malicious appears.

The company's upgraded security has expanded to its Play online store front, with a "safety net" included that aims to protects users against non-app issues like network attacks. With regards to apps, the security team has found that less than one out of every million apps installed was deemed a malicious one. To identify PHAs (potentially harmful apps) before they even appear in Google Play involves a machine learning system that apparently pokes at millions of data points and relationship graphs for its security detection screen.

Google's data suggests that the percentage of Android phones that didn't have any PHAs stood at around 99.5 percent at its lowest in October 2014, although this figure excludes anyone that rooted the phone and, er, freed up the security system built into the mobile OS. Notably, this figure is from before both Android 4.4 and its successor. The company counts that it's got one billion devices protected by its Android security services: its Verify Apps service now scans over 200 million devices a day in the background, aimed at improving device security. Google is quick to add that none of your pics, location data or personal information is accessed. Phew.