When a ‘Unicorn’ Can’t Innovate, They Resort to Fake Security by Labeling Competitor as ‘Spyware’

On a Friday morning, I received a gut-kicking phone call from a large client — a Fortune 100 company. On the other end was the person in charge of their global IT security. With a slight panic in his voice, he says, “Senai, I think your app has been compromised. I am about to bring this up to our CIO shortly and I need your team to do a sanity check for us.” I couldn’t believe it. We eat, sleep and breath mobile security, this couldn’t be happening to us, could it?

My client continued “we received a shipment of new Androids, with Lookout pre-installed on them. We just installed the Better app on a few of the Androids, and Lookout is flagging your app as spyware, telling us to delete it. Can you guys replicate this on your end and see what’s going on?”

As soon as he mentioned Lookout, it started making sense (more on this later). I looped my head of engineering into the call, we gathered forensic details and went to work. We’ve been the target of their unwanted focus since Fortune and Gartner named us as emerging leaders in mobile threat defense alongside Lookout in January 2017.

My company’s flagship product is called Better ActiveShield. It’s an app that keeps enterprise users of iOS, Android and Windows smartphones safe from malware, spyware and other mobile threats. Once installed, our app scans the device for malicious apps, and notifies the user to act. Flagging us as spyware is like calling an oncologist — “cancer”.

We wanted to get to the bottom of this, so we recreated our client’s scenario on multiple devices and took an outsider’s approach to deconstruct our app. This meant reverse engineering our own app to find anything that may trigger a false flag. We found nothing. With our entire team intensely testing every likely scenario, I called our client back an hour later to assure him that Lookout was falsely flagging our app.

We went into DEFCON1-mode over the weekend. I was flooded with calls, texts and emails from other clients, prospects, sales directors and partners, asking about what the Lookout-spyware deal was all about. My engineering team spent the sleepless weekend continuing our investigation.

Our initial assessment was correct, Lookout was falsely identifying Better ActiveShield as spyware on Android devices.

Lookout described our app as a threat by claiming “This application can send user contacts, phone call logs, or text messages to a third party server. This can cause sensitive information to be shared with a third party”. Our app can’t access user contacts, call logs or text messages because we never even request permission to access them, let alone send any of those items to third parties.

For Lookout to make such an egregious claim means either their software is extremely unreliable at detecting real malware, or Lookout is making a deliberate effort to disseminate fake information about Better’s app, in an attempt to unfairly compete with us.

Lookout itself requests permission for Contacts, Camera and Phone and but we do not

Ironically, Lookout itself requests permission to find contacts on a user device, reads those contacts, can read user’s phone call log, and read phone status and identity. Lookout also takes control of the user’s camera. By their own definition, Lookout behaves more like spyware than our app does.

I had a reason for gaining sudden clarity when my client mentioned Lookout during the call.

A little background on Lookout. They started as an mobile antivirus for consumers, and entered the enterprise market later. To call them a giant would be an understatement: they raised over $280mm in venture funding, we raised $1.5mm. Just two weeks ago, their CEO boasted that they are spending more on R&D this year than the rest of the industry has raised in capital, combined. That’s a budget of over $80mm.

Lookout has recently been demonstrating seedy behavior towards us. We won several consecutive deals against Lookout over the past few months. As they began losing each deal, they resorted to gutter tactics reserved for caricatures of corrupt political campaigns. They made up lies about our product and financial viability — saying that we are going to be out of business in a few months. It was unsettling to see our largest competitor stoop down to this level, but there was more. They told the CTO of a major partner to ditch us because our technology isn’t sound and distasteful words about the diversity of developers that I will not dignify by writing it here. While Lookout’s rep seems to think diversity discredits our product, we see it as an incredible strength. Our partner found it off-putting, and responded saying our product has served them well and our team diligently supports their needs.

Lookout labeling our competing product “Spyware” is inspired in its audacity, if debased in its dishonesty and malice. I believe Lookout has a responsibility to its customers, investors and the industry to hold themselves to a higher standard.

We may not have $280mm to fight off a bully, but for every Goliath, there is a David.