Security for Your Smartphone – Tips and Some Helpful Apps
The smartphone is the virtual manifestation of your identity. A person can find out almost everything about you when your smartphone falls into their hands; what you have been up to this year (calendar), how many friends you have (contacts, messaging apps, social media sites), what you and your children look like (gallery), how much money you have (online banking apps), or what you recently purchased (Amazon, eBay, other shopping apps). Just imagine how much damage can be done when someone else came to control that information.
- 1. Use Screen Lock
- 2. Keep Track of Your Apps and Permissions
- 3. Turn off tracking services you don’t need
- 4. Use Encryption on Your Smartphone
- 5. Get Anti-theft Software
- 6. Log out of Apps, Especially Before Using Public Wi-Fi
- 7. Switch of Bluetooth When You are not Using it
- 8. Make Life Difficult for Ad Networks
1. Use Screen Lock
We will start off this list with the most obvious, but at the same time most ignored tip. Lock your phone with your fingerprint, face recognition, a password, PIN, or at least a swipe pattern. When someone steals your phone or tries to access it when you leave it unattended for a second, they will need some time to crack it. It gives you enough time to set in motion other security measures.
But careful, greasy fingers can help people guess your pattern. And believe me it is impossible to keep your hands clean enough to not leave any traces on your screen.
Newer smartphones have a fingerprint scanner, or can be unlocked using face recognition. These bi-directional features offer maximum convenience – your phone is quickly unlocked, but not without a factor that is uniquely yours. A PIN is probably the best compromise between convenience and security if your device does not have a fingerprint scanner. Studies suggest that most people check their phone over a hundred times a day. That means you are going to have to enter your PIN or password very often. Chances are, you will get annoyed with entering a whole password every time. PIN is much faster, and still way securer than using nothing at all. You could start off with a PIN, and maybe move up to a password, when you figure out that it works for you.
2. Keep Track of Your Apps and Permissions
The options for managing permissions depend heavily on the smartphone’s operating system. However, you can usually choose which permissions you want to grant to which app. Assign them as sparingly as possible and check which permissions are really relevant for the functionality of an app. You may not need the full scope of functions for some apps.
Do not install apps that ask for too many permissions. An example of an app that required an extensive list of permissions: Pokémon GO. Why do they need access to your contacts and full access to your Google account? Well, they say the second one was a mistake and is fixed now. But the permissions list is still very long.
A useful app to keep track of which apps can access which feature is MyPermissions. It organizes your apps in different categories and shows you, for example, which app has access to your camera, or which app can access your contacts.
3. Turn off tracking services you don’t need
Check which apps have access to the GPS location of your smartphone. You will be surprised who is interested in from which bakery you get your rolls. To prohibit access to your location you have to dive deep into the settings of your smartphone. Location data on iOS can be accessed via Settings -> Privacy -> Location Services. There you can have a look at the permissions. If you also want to deactivate the “Important Places” that Apple saves from every iPhone, then click on System Services. Location data on Android can be accessed via Settings -> Location -> App permissions. Here you can see a list of all apps grouped by access permissions that are allowed to use their location always, only while using, or never. Also consider whether you really need Google Location Sharing and disable this setting. Otherwise, Google will store your daily routes indefinitely.
4. Use Encryption on Your Smartphone
Encrypt your data in the cloud, for example in your Dropbox, OneDrive, Google Drive, or iCloud: The encryption technology in Boxcryptor offers perfect security with many useful features. For example: share files securely with Whisply “Powered by Boxcryptor”. Since the service is already fully integrated in Boxcryptor, sharing is easy in your Boxcryptor drive, just right-click on a file.
Encrypt your communication: The options of encrypted communications became much better, since WhatsApp introduced end-to-end-encryption. We provide you with a list of secure messaging apps in another blogpost of ours. For email we recommend ProtonMail to keep your conversations secure. ProtonMail is available on Android and iOS.
Encrypt your phone data: When you protect your phone with a PIN, someone could still connect it to a computer and get your data. But when you encrypt your phone, it is much harder to gain access to your data. On some devices, such as Samsung, you will not get around using a password, but the extra security is worth it. Most Android devices and iPhones come with encryption. Check if this is activated on your device. If not, encrypt it yourself. Find out how here.
5. Get Anti-theft Software
Starting with iOS7, Apple allows users to remotely disable their iPhone in the case of theft with the Activation Lock. The launch of the feature caused a huge drop in iPhone thefts.
Android offers built in anti-theft protection starting with Android 5.1. For phones that run on an older operating system, we recommend using additional anti-theft apps. Avast Anti-Theft is free and it allow you to track, lock, or wipe data off your phone in case it is stolen. Additionally, you can take pictures, or listen in on the surroundings of your stolen phone, remotely. To annoy the thief a little, you can sound an alarm. With Avast, your phone counts as stolen as soon as the wrong password to unlock the phone has been entered three times.
6. Log out of Apps, Especially Before Using Public Wi-Fi
Always log out of apps, especially of ones in which you make transactions, such as Amazon, online banking, or PayPal. This becomes even more important when you plan to use public Wi-Fi. Avast started a little experiment at the Republican National Convention in 2016. They set up open Wi-Fi and checked, how many of the people using it were taking insecure actions. 1.2% out of 1200 users accessed an online banking app, 6.5% shopped on Amazon. 0.24% even visited pornography sites during the RNC and 5.1% used the public Wi-Fi to play Pokémon GO.
Most of those things you really should not do when you are in public Wi-Fi. But even if you are not, make sure to log out of your apps to be as secure as possible in a worst case scenario.
7. Switch of Bluetooth When You are not Using it
Bluetooth is an entry point to your device that is of course secured, but can still be vulnerable. Make sure to turn off Bluetooth when you are not using it, to avoid someone else gaining control over your phone by taking advantage of vulnerabilities.
8. Make Life Difficult for Ad Networks
In recent years, the proportion of personalized advertising has continued to rise. This is because many websites and apps feed large databases with information about their users. This results in extensive profiles that help to deliver targeted advertising. This is what happens when you feel that you are really being followed by individual products. For example, when the red shoes first appeared in the Instagram Feed, then appeared in the smartphone browser between news items and finally appeared on the Amazon homepage as a special deal.
A security risk arises from the fact that the information collected could fall into the wrong hands – for example, due to a data leak. But a risk of a completely different kind also arises when advertising networks collect specific information about individual users. We remember the shared flat where one roommate drove the other almost crazy with targeted advertisements on Facebook – for an amount of $1.70. The whole story can be read here.
You can't turn off the tracking of advertising networks without further ado. But you can cover your tracks. Regularly reset the Ad-ID of your smartphone (applies to Android and iOS as well) to remove the profile information. You can find instructions here.
Also recommended is the use of Firefox Focus, a browser that blocks advertising and tracking at least for visited websites. On Android you can make Firefox Focus the default browser: download from the Play Store. Unfortunately this does not work on iPhones. But on iOS you can use Firefox Focus as an ad blocker for Safari: download from the App Store.
If you follow these tips to protect your smartphone, you will make it very hard for anyone who gets his or her hands on your phone, to actually cause severe damage. There are many great security apps for your smartphone out there, so why not take advantage of that. Just as you would not tell a stranger on the street everything about yourself, it is a smart move not to make yourself and your virtual identity on your phone too accessible.
Ti piace quello che leggi?
Allora unisciti agli 80.000 abbonati e iscriviti alla nostra newsletter gratuita. Ottieni informazioni sulla privacy dei dati, storie sul cloud, suggerimenti sulla sicurezza e approfondimenti dai nostri esperti di crittografia.