Sophos Intercept X for Mobile: The Best Free Antivirus for Android?

Sophos might not be the first name that comes to mind for the average consumer in the cybersecurity field, but it is one of the top players in the industry. It offers a wide variety of security tools, including the industry-standard HitmanPro. For quite some time, it has provided security solutions for home users, scoring fine results according to independent security labs. In this article, we will test its free anti-malware tool for Android devices, Sophos Intercept X for Mobile. Can it stand its ground against the competition?

Prologue

Android is the most popular OS, and for good reason. It is free to use, flexible, versatile, and based on the Linux Kernel. Although it is pretty safe at its core, it still suffers from vulnerabilities and exploits like all OSes. So, keeping your device up-to-date and being cautious is essential. Moreover, an antimalware scanner for an extra layer of protection is recommended (especially considering how long vendors and Google take to deliver critical updates and old, unsupported devices). Many mobile vendors offer their pre-installed antimalware solutions with moderate protection levels, but there are stand-alone tools to install, too (Google offers its somewhat inadequate GooglePlay Protect). All the top players in the cybersecurity industry offer their tools for Android devices. Some of these might be free but limited compared to their premium solutions, as part of an antivirus suite, or ad-based (a pretty controversial topic).

Sophos Intercept X for Mobile is an entirely free-to-use, almost full-featured antimalware that does not require extra fees or indirect tactics for what it offers. It implements a complete set of tools that many antimalware solutions provide at a price tag that is more than adequate for the average user. Thus making it an excellent choice as a free antimalware tool. Sophos is one of the top players on its field. It is a British company; and since 2020, it has been part of the American Thomas Bravo group of companies. Sophos initially offered end-point and enterprise solutions, but it has expanded to the home-grade field for quite some time now.

Sophos Intercept X for Mobile has been on the market for over a decade, achieving top performance and results on all independent AV lab tests. Full features, no advertising, all free, as it is described on Google Play. And that’s true. The app offers a decent set of tools without annoying the end user. And that is its core advantage against the competition. But is that enough to protect your device against emerging threats while standing its ground in the cybersecurity Android and iOS market? Let’s find out.

Tested on Android smartphones and tablets.

How to install, Usage, and Configuration

Installing Sophos Intercept X for Mobile is as easy and convenient as any other Android app. Open the Google Play app, type Sophos in the Search bar, download it, and install it. You can uninstall it the same way (Google Play), too. It is compatible with Android 8.0 and later devices. The Sophos tool is marked as incompatible with some dirt-cheap devices that utilize shady practices. That is not Sophos’s issue, but rather the device’s because of the flawed, suspicious design. At the first launch, the app will ask you for some necessary permissions, and you may grant access or not according to your needs.

Keep in mind that some features need these permissions to work as they should. In my personal experience with the app, there is no issue or incompatibility on rooted and custom Android flavors, so that’s a plus. It asks only for the necessary permissions and doesn’t seem to manipulate them shadily. In the “Settings” menu, disable (toggle off) “Data tracking” (this is a rule of thumb on any app).

On the “Settings” menu, configure these:

• “Schedule scans”: It is not necessary. Only if you need to.
• “Manage allowed apps”: If a reputable app is marked as suspicious, you can whitelist it. Unfortunately, Intercept X is not immune to false positives.
• If asked, install “Security & Antivirus Guard.” Depending on the device and the configuration. It has not been updated since 2020, though.
• In the “Targets” section, toggle on “Scan system apps” and “Scan storage.” System apps are pre-installed or fundamental apps for the OS. If you notice any incompatibility, toggle it off.
• On the “Live Protection” section, toggle on all of them.
• You may choose how you want updates installed in the “Update mode.” If you regularly use cellular data on a limited plan, selecting the “Wi-Fi only” option is best.

On the “App protection”:

• “Base configuration” > “General settings” > “App protection turned on (toggle on)> set a password (prefer the password method).
• “Protection configuration > toggle on the three options except if you don’t want apps to be protected.
• “App selection”: Select the apps that you want to be password protected. Keep in mind that some apps might not “play nicely” with this feature.

The “Log” section: Check or clear the app logs.

Privacy Advisor: Revise the installed app permissions.

“Back up & Restore”: If necessary, back up your antivirus settings. Restore, if required. Optional.

“Authenticator”: If necessary, click the “+” button and add an OTP. Optional.

“Password Safe”: Import a password-safe file or create a new one. Optional.

“QR Code Scanner”: Grant camera permission to have URLs scanned by the app for suspicious content.

“Device Security”: Set the necessary changes according to what you need to.

“Network Security”: Set the necessary permissions and turn them on. In Web Filtering, choose what kind of content you want to be reported (e.g., you can allow tobacco content). It is not essential, but it is best to have them enabled.

“App Security”: “SHOW SCAN DETAILS” and perform a manual scan whenever necessary. Keep in mind that Sophos scans all apps and files in real-time and notifies you about the results. If you want to clear the notification (if it persists), go to notification settings and toggle it off and on.

“Autostart required”: If configurable, set it on.

“Corporate management”: Only for premium Sophos users.

After setting all the above, you are ready to go. Keep in mind that battery usage, a slight thermal increase when scanning, background processes, and false positives are present so it might need additional configuration. Nothing is perfect.

Performance

Sophos Intercept X for Mobile achieves top performance and scores in independent AV labs. In March, it was slightly behind the overall industry standard but not in widespread and known threats, which are essential for the average user. You should note that all the AV tools might occasionally not keep up with the standard, as it depends on different factors. In my real-time testing (real-time and manual) scored 100%, but keep in mind that I don’t have access to highly sophisticated exploits and threats.

A full scan of about 30GB data (3468 files, internal and on SD card) took around 6 minutes to complete, scanning thoroughly apps (files don’t need deep focus). So, it takes its time, especially against the competition, but it scans in depth (depending on the settings). That said, for the average user, achieving almost excellence is way more than enough.

Still, some false positives were present, but only as low-reputation apps. This means that these apps are not too popular, are not in-depth analyzed, ask for permissions that might be suspicious, or a combination of all those mentioned above. You can turn off this setting if you want, but it is best not to. Just whitelist the app if you are confident it is legit. In my case; all three apps are legit (mygov, NBA mobile game, and CBR reader). Unfortunately, these apps have been identified as low-reputation ones for too long. I think the Sophos Team should take care of it.

Sophos Intercept X for Mobile is moderate on resources, not negatively impacting performance. I noticed only a 10%–12% decrease in battery life (but a temperature increase when scanning) compared to when it is not installed. That depends on the usage and the tasks, of course. Moreover, with the Web filtering on, Intercept X kept me safe from known suspicious sites, averaging 81%, but almost 92% on what matters the most. So, its web filtering is decent for the average user.

The app protection feature works well. However, some apps don’t play along with this feature, mainly because of their design. If you notice any issues, turn off this feature for these apps. There is nothing to complain about. Network security-wise, it scored well on tracking captive portals, unsafe settings, and potentially dangerous public hotspots. This is essential for privacy and safety as well. You may notice a strange behavior in the app that seems like a bug to me. Occasionally, the app appears stack in scanning mode without actually scanning anything. I don’t know the root cause, but a reboot of the device resolves this issue. So, keep that in mind. There is nothing more to add in this section; let’s proceed to the “Epilogue.”

Epilogue

Sophos Intercept X for Mobile might be the most solid option as a decent antivirus for Android devices without extra fees and annoying practices. If you want an excellent, customizable, user-friendly free antimalware tool to protect your Android devices, then Intercept X is your best bet. It is also available for Apple iOS devices, but I didn’t have the chance to test it on their platform. I believe it would be adequate, though. It is a sturdy product from a top player in the cybersecurity field.

Results

( 0 is the minimum, 5 is the maximum )

• Overall Performance: 4 / 5
• Usability: 4 / 5
• Features: 4 / 5
• Usage experience: 3 / 5
• Scanning: 4.5 / 5
  
• Networking: 4 / 5
• It is ideal: for users who want a free rock-sturdy cybersecurity tool for their Android devices.
• Verdict: Highly Recommended