Android app makers need to take it upon themselves to keep user data safe, as handset providers are not “demonstrating the urgency” needed to bring Google’s software patches to users, according to Norwegian app security firm Promon.

Tom Lysemose Hansen, founder and CTO at Promon, believes delays in making regular patches available can have “serious consequences in terms of increased data theft and fraud“, causing damage to the reputations of handset vendors and, by association, app providers.

He said that by introducing self-defending app software, developers can take charge of their customers’ data security by protecting their apps from any threats that may find their way onto a user’s device.

“What developers need to realise is that they represent a crucial cog in the Android cyber-security machine. With handset developers representing an unreliable and inefficient medium through which data can be secured, it’s time for app makers themselves to step up. Hackers are refining their craft; it’s now up to the app providers to refine theirs,” he said.

He added that Google’s own Nexus devices now receive updates, but adoption among other vendors has been “patchy”.

Google’s Android Security 2015 Annual Report acknowledges the problem, stating that, despite steps to introduce patches to combat issues, 29 per cent of Android models are not supported to receive these regular updates.

It said it is increasing efforts to help partners update more devices in a timely manner.