Wi-Fi routers offer somewhat of a "free ride" for Android mobile devices. Logging into a router cuts down on data consumption costs. Wi-Fi also provides a reliable alternate internet connection where cellphone reception is a problem.

Anyone who uses an Android tablet or smartphone on Wi-Fi should use a virtual private network (VPN).

Connecting an Android mobile device to a router offers a side entrance to hackers, who employ man-in-the-middle attacks to steal users' privacy, identity, and money. An Android VPN product like Surfshark is a secure line of defense for the Android device. (Get the Surfshark Android App here.)

Android is very secure, but there are other dangers.

In article on CSO online, author JR Raphael highlights security measures built into Android programming. According to Raphael, "the vast majority" of rumored Android malware threats "are purely theoretical." Likewise, the third-party Android security software essentially "duplicates protection already provided by Android."

So, anyone stumbling onto Android malware would have difficulty infecting the organization's data. Traditional computer viruses basically cannot operate within the parameters of Android.

Nevertheless, Android device users are vulnerable to non-Wi-Fi data breaches from a variety of vectors. For example:

Leaking confidential information. Sending company files to a public cloud storage service or pasting confidential information into the wrong place can cause accidental compromises. Those compromises can have serious consequences. When the data is private personal or medical information, HIPPA sanctions can bring fines and a host of costly corrective actions required by law.

Phishing, scamming, and social engineering. Email impersonators do not rely on malware. They rely on the curiosity and gullibility of smartphone users, who are constantly checking their smartphones. In fact, one security firm FireEye reported that in 2018, an astonishing 91 percent of cyber-crime started with email.

Aging and out-of-date devices. Don't look for timely device software updates or quick security patches for Android devices. The problem is especially critical when it comes to Android-driven gadgets on the internet of things, some of which are not even designed for upgrades.

Poor password practices. Android users still are not securing their accounts properly. Some carry Android phones with company accounts and personal sign-ins. A Google and Harris Poll survey found that over half those surveyed use the same password over multiple accounts.

Worse news is that only a quarter of the people surveyed bothered using a password manager. Without a password manager and its automatic strong password generation, it is likely that most passwords are easy to remember-and easier to crack.

Wi-Fi breaches and man-in-the-middle attacks

Android smartphones are hard to crack, but mobile devices are only as secure as the networks they connect with to transmit and receive data. The Wi-Fi "free ride" discussed at the beginning of this article was highlighted in one survey with this unsurprising fact: corporate mobile devices rely on Wi-Fi almost three times as much as they use cellular data.

Then there are all those free Wi-Fi networks luring travelers into insecure and potentially compromising cyber-attacks. This threat is where a mobile VPN can help. (See reviews of Surfshark on Playstore.)

VPNs work on smartphones as well as desktop computers

A general benefit of VPN is that it provides secure access to a corporate network from any location. A mobile VPN, though, usually relies on a cloud service, like Surfshark. Mobile VPNs have "Iogical" addresses rather than the traditional VPNs, which require a stationary address.

Protection provided by an Android mobile VPN

Unprotected Wi-Fi hotspots offer opportunities for hackers to capture the wireless signals of nearby users. Hackers have created fake networks with authentic-looking names. A victim connecting to a bogus network could compromise passwords and account information. The hacker, in turn, could use that information to empty a bank account.

Mobile VPNs also block intrusive and performance-slowing ads. When an ad for a product a user bought shows up repeatedly on a user's browser, it can be annoying and a slightly creepy. Mobile VPNs hide the user's browsing activity, protect privacy, and improve browsing speed with ad blocking.

VPNs bypass geo-blocking.VPN users can opt to log on through servers other than their current location. Doing so, gives the user access to local pricing, ads and streaming services that might not be available at home.

VPNs promote anonymity. A VPN blocks the user's true IP address and accompanying personal (metadata) information. Using random IP addresses, the VPN does not log any of the user's identifiable information. If a VPN provider receives a legal search warrant, the provider has no user activity recorded of any use to investigators.

A cautionary note to users seeking anonymity: Perfect anonymity on the web is nearly impossible to achieve. Law enforcement authorities have access to VPN vendors' connection records. Those records could reveal clues like software and configuration settings, and provide a trail to the user.

VPNs and performance tradeoff

Finally, consider this advice in the above-mentioned piece by JR Raphael: When selecting a VPN for an Android device, there is tradeoff between performance and security.

The delivery of VPNs "needs to be smarter with mobile devices." Consider factors like a VPN's effect on battery life. Look for a VPN that can be programed to activate only when absolutely necessary. The user does not need a VPN connection to read a news site or when working on an Android app that is known to be secure.

Bottom line

A VPN creates an encrypted and secure connection to the internet. No one else, including would-be hackers, can see what the user is doing. So, users who frequently connect to public Wi-Fi networks should install a mobile VPN on their Android smartphone. Likewise, it is a wise practice to encrypt apps to further protect privacy.

Summary and Conclusions

• The Android operating system is hard to hack, except when running through a Wi-Fi connection.

• There are, however other security threats to Androids like data leaks and email phishing.

• Unsecured public Wi-Fi hotspots provide opportunities for hackers to spy and penetrate the user's personal information.

• A mobile VPN protects privacy and masks the user's location.

• The VPN provides other benefits like bypassing geo-blocking and defeating Internet censorship.

• Android users who frequently connect to Wi-Fi portals should install VPN.