How to verify that Samsung Galaxy phone has not been compromised

Mr K

I wasn't paying close attention and updated my banking app via a link that supposedly connected to Google Play. I did NOT connect directly to Google Play. Not long after, I couldn't enter my banking app via biometrics. My password needed to be entered. Could this be just because the app was updated? How do I know that I didn't download malware? I deleted the app and haven't yet reinstalled it. Today, I couldn't access Google Play. I restarted my phone and was able to enter Google Play, NP. Then I installed Bitdefender Mobile Security which hasn't noticed any issues... Is it possible to do a deeper scan of my phone?

Alexandru_BD

Hello and thanks for joining us here.

So, a banking app asking for the full password after an update is not, by itself, proof that the phone was compromised. Many banking apps require a fresh password login after an update, security policy change, app data change, restart, or biometric token refresh. That said, because the update was started from a link rather than by manually opening Google Play, I think it's sensible to treat this as suspicious until verified.

Bitdefender Mobile Security does not usually offer a separate “deep scan” like the one found on desktop versions. On Android, its malware scanner checks apps before you install them. You can open the Google Play Store app directly, search for your bank’s official app, confirm the developer name, then install it from there. Also check for suspicious apps and permissions, so go to settings → apps and review recently installed or unfamiliar apps, especially apps with blank names, random-looking names, or apps you do not remember installing.

For peace of mind, you can also contact your bank if you entered credentials anywhere, to ask them whether there were any failed logins, new device registrations, payment changes, or any activity that could look suspicious.
Last but not least, a good practice is to change your banking password, Google account password, and any reused passwords. Enable or re-check two-factor authentication. Also review your Google account’s signed-in devices.

If BMS shows that the device is clean, and if there are no unknown apps, no unusual permissions, no suspicious banking activity, and the app was reinstalled directly from Google Play, that's a reassuring sign and I think there are no real reasons of concern. However, I think no scan can absolutely prove 100% that a device has never been compromised. If you still see abnormal behavior, or if your bank confirms suspicious activity, the safest final step is to back up essential personal data, perform a factory reset, fully update Android, and reinstall all apps only from Google Play.

I hope this helps.