Mobile Security Definitions

Lookout Scores Top 3 for All SSE Use Cases in Gartner® Critical Capabilities | Get Report

Why Lookout was named a visionary for SSE by Gartner®

Get Report

Sign-up for the latest Lookout news and threat research

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.


At Lookout, we try to avoid technical jargon (which is why we put Lookout’s privacy and security principles into everyday language), but sometimes even the savviest smartphone user can come across an unknown term or two. We hope you find this glossary of common mobile security terms helpful.

Ad network

An online or mobile ad network enables companies to target users with advertisements in multiple locations, and may track individual behavior.


Software that collects sensitive information about a person or device through an advertising platform, or serves intrusive advertisements outside its expected context without gaining proper informed consent from the user. Often implemented by an app developer through third-party ad SDKs for monetization purposes.


A smartphone mobile operating system released by Google in 2008.

Android market

The former name of the Google Play app market, an online marketplace for mobile apps that run on the Android platform. See Google Play.

Antivirus app

An app (like Lookout for Android) that scans the apps and files on a smartphone to detect and remove malware and spyware. See Malware


An app or application is a software program designed to run on a mobile device such as a smartphone or tablet. Apps are created for entertainment like Angry Birds, or for utility like Evernote. Apps can be downloaded to your smartphone from app markets like Google Play or iTunes App Store.

Apple iTunes App Store

Apple App Store is the online app marketplace for people using iOS devices like iPhone and iPad.

Application-based threat

Mobile software that presents potential security issues; can be designed to be malicious, or designed for normal use and containing unintended security vulnerabilities. Includes malware, spyware and adware.


Wireless technology used to send data between devices over short distances without any wiring or physical connection; commonly used to connect smartphone and PC accessories like wireless headsets, mice and keyboards.


A botnet or bot network is a group of computers that can be remotely controlled by a hacker that has placed malicious software onto each device. The botnet’s owner can then use all connected devices to propagate malware or email spam without the user’s knowledge. See command and control server.

Browser exploit

Designed to take advantage of specific vulnerabilities in a web browser, a browser exploit can be launched directly from a web browser or from a third-party extension such as a Flash player, PDF reader or image viewer.

Carrier IQ

Carrier IQ is software that comes pre-installed on some mobile devices, enabling mobile network operators and device vendors to track service quality and usage. Carrier IQ can be detected on Android phones with Lookout Carrier IQ Detector


Chargeware is an app where the user is charged for a service without clear notification and the opportunity to provide informed consent.

Command and control server

A command and control server or bot master is the central computer from which a hacker can compromise and control computers secretly connected to a bot network. See Botnet.

Download vs. install

On some unofficial Android app markets, app files (APKs) can be downloaded to your device without being installed. Once you tap on the file, the app will install on your device. When you download apps from the official Google Play app store, apps are automatically downloaded and installed.

Drive-by download

An application that is downloaded to a device without the users’ consent or even their knowledge. These secret downloads can be initiated just by visiting a website or opening an HTML email message.


DroidDream was the first malware found on the Android Market, affecting 250,000 mobile users. DroidDream connected the user’s device to a remote server to take commands. After the initial discovery, 80 unique variants of the malware were found.


Technology used to protect private data by making it unreadable to anyone without the encryption key.

Google Play

Formerly known as Android Market, Google Play is an online store for Android apps as well as digital books movies and music.


GGTracker was the first malware designed to steal from users in the US by using text messages. This malware “trojan” signed users up for premium SMS services without their knowledge—leading to charges of $10-50 on their phone bill. It is estimated that up to a million users were impacted by GGTracker.


The Global Positioning System or GPS uses satellites to provide location and weather information to devices. The term GPS also commonly refers to a navigation app or device used for driving directions.

Ice Cream Sandwich

Ice Cream Sandwich or ICS is the codename for the fourth major version of the Android operating system. Notable features include updated user interface, real-time voice dictation and full device encryption.


Apple’s mobile operating system for iPhones and iPads.


The act of unlocking an iPhone in order to make modifications to its operating system, features, files, or to install software not available in Apple’s App Store.

Live wallpaper

Live wallpapers are Android apps that provide an animated or interactive background for a device’s home screen.

Location services

Location Services allow location-dependent apps and websites (including Google Maps, Safari, and many third-party apps) to use information from cellular, Wi-Fi, and GPS networks to determine your approximate geographical location.

Network exploits

Exploits that take advantage of software flaws in the mobile operating system or other software that operates on local (e.g., Bluetooth, Wi-Fi) or cellular networks. They often do not require any user interaction, making them especially dangerous if they are used to leverage propagation of malware.


Malware is software that performs malicious actions while installed on your phone. Without your knowledge, malware can make charges to your phone bill, send unsolicited messages to your contact list, or give an attacker control over your device.

Mobile payment

Mobile payment includes multiple methods of using your mobile device to pay for goods or services. Examples include premium SMS, placing charges on your network carrier bill, or using Near Field Communication (NFC) to approve a charge by waving your smartphone over a merchant’s point-of-sale terminal.

Mobile threat

There are three primary types of threats that can compromise your mobile phone’s security: application-based threats, like malware; web-based threats, like phishing; and physical threats, such as phone loss or theft.

Mobile Threat Network

Lookout’s Mobile Threat Network scans apps on hundreds of mobile networks worldwide, constantly hunting for new malware and spyware. This proprietary technology enables Lookout Mobile Security to be the first to detect and block mobile threats for all of its users.

Operating system

The operating system (OS) is the underlying software that manages your device’s processes, hardware, software and memory. The apps you download use the operating system to tell your device what function to perform. The most popular mobile OSs are Android and iOS.


An app requests permissions for the different information or capabilities it will access on your device. Some apps may ask for access to your contacts, location or other information to perform specific functions. Lookout Privacy Advisor enables you to see what permissions have been granted to each of your apps.

Personal data

Information that can be used to identify a specific individual, such as their address, Social Security Number, drivers license or account numbers. In the wrong hands, this information can be used for identity theft.


Phishing is a scam that lures people to phony websites or user interfaces to trick a person into entering in personal information, like account login information. Attackers often use email, text messages, Facebook and Twitter to spread links to phishing sites.

Potentially unwanted application

A potentially unwanted application (PUA) walks the line between malice and undesirability. It may not explicitly violate an application market’s Terms of Service, or even its own Terms of Service, which makes it difficult to detect.

Premium SMS

Text messages that place a charge on the user’s mobile bill for their use. Premium SMSs are commonly used for the purchase of ringtones or for audience voting on television shows.

Push notification

Messages or emails that are sent to the user from a business or content provider, usually at the request of the user. For example, a social media site might send you an email or show a notification on your mobile device’s home screen when you have a new friend request.

Quick Response code

Quick Response or QR codes are square black and white patterns you see on signboards and advertisements everywhere. When you scan a QR code with a barcode scanner app, it will open your Internet browser to show you a specific website.


The name given to a special protected user account that has broad access permissions in order to administer and maintain a computer program or device. Changes made to the root can impact the entire system or override any account within the system.


A type of malware (malicious software) that gives an unauthorized user access to a computer or device. Once installed, the rootkit can take steps to hide its presence on the device.

Sensitive or private data

Information that a user does not want to be publically shared. This may include private photographs, names of children or other family members, contact phone numbers, personal emails or messages, browser history or access to social media accounts.

SD card

A small removable memory chip or card that provides storage for digital files on a device such as a camera or smartphone. SD cards are produced in three primary sizes, SD, miniSD and microSD.


Installing applications from a third party application distributor, not the Google Play app store.

SIM card

A small chip used to identify and authenticate a user so that their device can access a mobile network. These removable chips can be moved from device to device to enable a user to access the same wireless network with multiple devices.


A general term used to describe any phone that is built using a mobile computing platform. Most smartphones, including the iPhone and Android phones, use data access over WiFi or broadband networks to power applications or Internet-based services.


Designed to gather data about a large group of users, spyware collects or transmits sensitive data about a user without their knowledge or consent. Such data can often includes phone logs, text messages or location, browser history, or contact lists.


Designed to capture and transmit discreet and sensitive user information such SMS messages, voicemails or phone conversations. Differs from spyware by targeting specific individuals or organizations.

Third-party app store

A marketplace that sells or distributes mobile apps that is not operated by Apple (for iOS) or Google (for Android devices).

Toll Fraud

Malware that sends premium-rate SMS from your device, incurring charges on your phone bill. Some Toll Fraud malware may trick you into agreeing to murky Terms of Service, while others can send premium text messages without any noticeable indicators. Also known as “premium-rate SMS malware” or “premium service abuser.”

Web-based threat

Because mobile devices are often constantly connected to the Internet and are used to access web-based services, web-based threats that affect PCs can also present issues for mobile devices, such as phishing and drive-by downloads.

Unsecured WiFi

Wireless connectivity that does not use any type of encryption (WEP/WPA) to protect data as it travels through the air between a device and the wireless access point. Data transmitted through an unsecured WiFi network may be intercepted or viewed by unauthorized users.


A computer program that can replicate itself and move from one computer to another without assistance from (or knowledge of) the user.

Are we missing any important terms? Be a super user and let us know!

Discover how Lookout can protect your data