Why we built ARK instead of another antivirus app

The antivirus problem nobody talks about

Norton Mobile Security has been around for years. It's installed on millions of phones. And it does what traditional antivirus does: it looks for known bad apps, known malware signatures, known threats. On desktop, that made sense in 2005. On mobile in 2024, it's almost theatrical.

Here's the thing. Your phone doesn't need to be scanned for viruses the way a laptop does. Android and iOS are built on sandboxing. Malware that actually runs on your device is vanishingly rare now. Instead, the real threats are invisible: a permission you granted once that you've forgotten about, a breach you never knew happened, an app harvesting your location without telling you, a phishing link in a message from someone whose account got compromised.

Norton antivirus catches none of these. It's like having a burglar alarm that only looks for crowbars while ignoring open windows. That's why we started with the question: what would a security tool look like if it was designed for 2024, not 2004?

The credit score idea came from frustration

I was sitting with one of our first beta testers, a woman in her late 30s who works in marketing. She'd been in three data breaches. She had Norton installed. I asked her: 'Do you know if any of your passwords are being shared on the dark web?' She didn't. I asked: 'Do you know which apps have your location permission?' She had to dig through settings for five minutes.

That conversation made it clear that security isn't binary. You're not 'secure' or 'hacked'. You exist on a spectrum. A credit score felt right because it's a metaphor people already understand. You can improve it. It's based on multiple factors. It gives you a number to track progress against.

ARK calculates that score across four domains: device security (patches, settings, lock screen), network exposure (Wi-Fi vulnerabilities, DNS leaks), app permissions (which apps have access to what), and breach exposure (have you been in a known breach, is your data on the dark web, are brokers selling your information). Each scan ends with a one-tap fix. You don't have to understand the problem to address it.

Norton doesn't offer this. You get a simple 'clean' or 'threat detected' message. There's no breakdown, no context, no way to track what's actually improving over time.

Privacy isn't a feature we added later

When we launched the free tier of ARK, we made a deliberate choice that surprised some investors. We don't track you. On the free scan, nothing leaves your phone. The permission check, the device security review, the stalkerware detector (which finds apps trying to hide themselves) - it's all on-device. No telemetry, no analytics, no server logs of what you've scanned.

This matters because a security app is asking for trust most other apps never get. We're reading your permissions. We're checking your apps. We're looking at your network traffic. If we're then selling that data back to advertisers or 'improving our service', we're the problem, not the solution.

Norton Mobile Security doesn't advertise what data they collect or how they use it. Their privacy policy is 28 pages. Ours is three. We tell you explicitly: on the free tier, we collect nothing. If you upgrade to Shield (£2.99 a month or £29.99 a year), we store your encrypted breach data and dark-web monitor results on encrypted servers. If you go to Fortress (£7.99 a month or £79.99 a year), we add GDPR audit tools and data-broker exposure checks. But you always own your data, and it's always encrypted in transit and at rest.

What Norton actually does well (and where it falls short)

I'm not here to tear down Norton for the sake of it. They have decent app scanning. They have a VPN bundled in. If you're someone who wants a single 'security solution' and you don't really think about digital security, it's not a terrible choice.

But that's the problem. Norton is built for people who want to install something and forget about it. They market with fear. 'Protect your phone from viruses.' Most people don't have viruses on their phone. What they have is exposure: to breaches, to permission creep, to phishing, to data brokers.

And the things Norton claims to protect you from, they often don't. Their antivirus signatures are reactive. They catch known threats. Zero-day vulnerabilities? Malicious apps that haven't been flagged yet? Those slip through. Meanwhile, they can't tell you if you're in a breach because that's not what antivirus does. They can't audit your 2FA because that's not what antivirus does. They can't check if your DNS is leaking because that's not what antivirus does.

ARK exists because we believe security should be proactive, granular, and honest about what it actually covers. You get a score that matters. You get scans that find real problems. You get fixes you can implement right then.

The stalkerware detector came from a very real email

We built the stalkerware detector into the free tier because I received an email from a woman whose ex was tracking her through her phone. She found the spyware herself, but only after months of suspicion. Norton never flagged it. It didn't match any signature in their database. It was invisible because it was sophisticated enough to hide from traditional antivirus.

Our stalkerware detector takes a different approach. It looks for the behaviours of monitoring apps: things hiding their icon, apps requesting permission to read SMS, processes running in the background with suspicious access patterns. It's not a signature scan. It's a behaviour scan. And it's free because some problems are too serious to put behind a paywall.

That's the philosophy running through ARK. We built a breach check because breaches matter more than viruses. We built a dark-web monitor because your data being sold is more dangerous than malware. We built a phishing scanner with QR and URL detection because social engineering is where real attacks happen now. We built permission audits and 2FA checks because humans are the security layer, and we need to know what we're actually exposing.

Norton's roadmap doesn't really evolve because antivirus is a solved problem (poorly, but solved). ARK's roadmap is driven by real threats people face in 2024.

Who ARK is actually for

We've found our audience. People who've been in breaches. Parents checking what their kids' phones are doing. Small business owners managing a handful of employee devices. Privacy-conscious users who think a bit deeper about what they're sharing. People aged 25 to 45 who understand that 'secure' doesn't mean antivirus installed - it means knowing what's at risk and fixing it.

If you're someone who's never thought about your digital security, Norton might feel good. It feels like something's protecting you. ARK is for people who want to actually know. Who want a number they can improve. Who want to run a scan once a month, see what changed, and fix it in seconds.

That's a smaller market than everyone with a phone. But it's the market that matters, because it's the market that actually cares whether they're safe or just feeling safe.