Last week, a simple experiment exposed a glaring gap in Android’s theft-protection system: a phone snatched from the hand of its owner stayed unlocked and fully accessible.
The test was straightforward. A friend was asked to grab an Android device mid-use. After a few attempts, he pulled it off — and the phone never locked.
Android’s Theft Detection Fails in Practice
Google introduced Theft Detection Lock in 2024, billing it as an AI-powered feature that detects the sudden motion of a snatch and locks the screen automatically.
In practice, it Does Not always work.
Repeated real-world Tests Show the feature fails to trigger consistently when a phone is grabbed from a stationary user’s hand. The motion signature — what the system is designed to detect — apparently does not register reliably in every scenario.
That is a significant problem. Theft by snatching is among the most common forms of street crime involving mobile phones. London's Metropolitan Police recorded more than 90,000 mobile phone thefts in the capital in 2023 alone, many involving grab-and-run tactics.
What Google Promised
Google announced Theft Detection Lock alongside two companion features — Offline Device Lock and Remote Lock — as part of a broader Android security push rolled out via Google Play Services update 24.18.
Offline Device Lock is designed to secure the phone if it goes offline for an extended period after a theft. Remote Lock lets an owner lock their device using only a phone number, bypassing the need to access a Google account.
Still, the centerpiece feature — the one meant to respond in real time at the moment of theft — remains inconsistent.
Google has not publicly disclosed the detection accuracy rate for Theft Detection Lock, and the company did not respond to requests for comment on reported failures.
Apple’s Approach Sets a Higher Bar
Apple, by contrast, built its equivalent protection directly into iOS at the system level.
Stolen Device Protection, introduced in iOS 17.3 in January 2024, requires biometric authentication — Face ID or Touch ID — before allowing access to passwords, payment methods, or account settings when the phone is in an unfamiliar location.
Crucially, it also imposes a one-hour security delay before a user can change an Apple ID password or disable the feature itself. That delay alone closes the window that thieves rely on to lock victims out of their own accounts.
Apple’s system does not depend on detecting the physical act of theft. Instead, it assumes the device may already be in the wrong hands and raises the authentication barrier accordingly.
That architectural difference matters. Android’s Theft Detection Lock must correctly identify a snatch as it happens — a motion-sensing problem with real-world variables. Apple’s system activates based on location history and then demands biometrics, regardless of how the phone changed hands.
The Broader Stakes
Phone theft carries consequences well beyond the loss of hardware. A phone seized while unlocked can expose banking apps, email, social media accounts, and stored passwords within minutes.
Barclays Bank estimated in 2023 that over half of fraud cases it reviewed where a mobile device was involved began with phone theft — often with the device already unlocked at the moment it was taken.
Android holds roughly 72 percent of the global smartphone market, according to IDC, making the reliability of its theft-protection features a population-scale concern.
Google has continued to iterate on Android security across successive releases. Android 15, released in late 2024, introduced additional protections including enhanced Private Space — a separate locked profile for sensitive apps — and tighter restrictions on sideloading Apps That request dangerous permissions.
