By: Brian X. Chen | April 3, 2013 (Featured on The New York Times)
Your smartphone knows more about you than any other device, and it can so easily get into the wrong hands.
If a stranger got hold of your smartphone, it would take just a few minutes to get to know you intimately. Your apps, messages, address book, calendar, browser history, and photos tell a story about what you do for a living, who your best friends are, where you have been and what you like to do.
What can you do to shield yourself from snoops who gain possession of your phone? Fortunately, there are some simple settings and apps to protect your smartphone so that if it is lost or stolen, it will be harder to peek into your life. Here are some basic tips.
One of the easiest ways to add a layer of security to your smartphone is requiring a password to get past the initial lock screen. For iPhones, you can turn on a setting to require entering a four-digit passcode to use the device. For Android phones, you can set up a passcode or a secret gesture that you draw with your finger to unlock the screen. There is also a setting to make the phone erase all your data if a person enters the passcode incorrectly after a certain number of times.
It can be annoying to have to enter a passcode every time you turn on the phone, but one way to make this less cumbersome is to set an amount of time the phone has to wait until it requires entering a passcode again. For example, on the iPhone, you can set it to require a passcode 15 minutes after the last time you entered it.
If your phone is stolen or lost, apps can track its location. If the device is turned on, you can ping the device for a signal to show its approximate location on a map.
For the iPhone, Apple offers a free tool called Find My iPhone, which can be turned on in the settings for iCloud; users can log in to iCloud.com from any browser to view the phone’s location on a map. For Android phones, the free apps Lookout and Where’s My Droid will help locate a missing smartphone. The Lookout app can even secretly snap a photo of a thief’s face with the front-facing camera and send an e-mail to you with the picture and the location where it was taken.
That is not to say that if your phone is stolen, you should hunt for the thief. But police officers have sometimes used the feature to track the stolen phone and catch the thieves.
Both Lookout and Find My iPhone also have a feature to remotely erase all the data from the phone just by clicking a button. This way, the instant you lose your device, you can at least prevent a stranger from looking at your pictures and e-mails.
Apple carefully polices its App Store so malicious software generally does not make it onto iPhones. But the more open nature of Android software makes it susceptible to malware that can steal a user’s personal information; Lookout, the mobile security firm, estimates that from the beginning of 2012 to the end of 2013, 18 million Android users may encounter malware. The Lookout app for Android also scans and removes malware.
The most prominent type of malware is called toll fraud. Basically, a malicious piece of software secretly sends messages from your device to a service that authorizes charges to your phone bill. Owners of Android phones should occasionally check their phone bills for any mysterious charges.
A lot of apps on a smartphone track your location. In the settings for both iPhones and Android phones, you can choose which apps gain access to location data, or turn off location services altogether. It is generally wise to allow only apps that make good use of location data, like GPS software, to track where you are. But you probably don’t want to allow the app made by IMDB, the movie database, to know your location if all you do is look up movies and actors with it.
On some smartphones, your location is pulled whenever you snap a photo. This feature, called geotagging, is aimed at helping organize photo albums. But if you are sensitive about people knowing where you have been, make sure to turn location tracking off inside the camera settings.
Even if you require a password to use your smartphone, a thief can theoretically plug the device into a computer and hack around to take a look at your data. Security researchers recommend using encryption to secure your information.
iPhone owners are in luck: Apple’s newer iPhones have encryption included in both the software and the hardware, making it virtually impossible for any stranger to obtain the data as long as the lock screen is protected by a passcode. Some Android phones have a software-based encryption feature — the popular Samsung Galaxy S III, for example, has an option to require entering a password to decrypt data on the device and its memory card whenever the phone is booted up. Be warned, however, that the Galaxy’s encryption process is irreversible, so if you are the type who finds entering a password annoying, don’t use it.
There are also various third-party apps that allow you to encrypt specific types of information. Good Technology, for example, offers iPhone and Android software for businesses to manage sensitive data, like classified documents and e-mails, inside an encrypted container. The Android app SecureMemo allows you to store sensitive data, like credit card numbers and passwords, in an encrypted file on the memory card. For iPhones and Android phones, the app SecureSafe stores sensitive data in a password-protected “safe deposit box” online. Some health care professionals use a free app called Tiger Text for sending encrypted messages, photos and documents.