Let’s name several measures that will help improve mobile device security and primarily models on the Android platform, but some of the recommendations are also suitable for Apple.
For a long time, the issue of Mobile Device Security was practical and of no interest to users. Formally, everyone was aware of the need to comply with primary measures: buy a smartphone only from an official reseller, install applications only from the official marketplace, and use reliable password protection when downloading applications. Problems, of course, arose, but in most cases, they were related to the oversights of the users themselves or the theft of registration data. Many have learned an iron rule: do not answer calls from fake “bank security services” when unknown people ask you to provide the received SMS code, but the matter did not go beyond this.
iOS or Android: which is safer?
The manufacturers themselves spoke about the safety of their smartphones. Apple, for example, touted the benefits of its Unix-like mobile OS, iOS, based on Darwin (BSD). And she was right: this version was born in Berkeley (USA) as a clone of Unix. The open source OS was replaced by a proprietary version of Mac OS for Macintosh personal computers. Later, the mobile iPhone OS was created from this OS for the iPhone and iPod Touch, later renamed the mentioned iOS.
The Android OS followed a similar path. It was built on a Linux kernel, also born from Unix, to which was added a virtual machine (Dalvin Virtual Machine) developed by Google to process mobile applications bytecodes.
Difference between Android and iOS
The fundamental difference between Android and iOS was that the source code for the iOS kernel on the Apple platform was closed, which provided full “factory” control over the components. On the Android platform, control has been exposed through source code, but its security system has been applied to control access to system functions.
The more open architecture of Android made it possible to increase its functionality, including at the system level. Third-party manufacturers took advantage of this. For example, Samsung began to bundle its smartphones with an additional add-on called Knox, which creates a new layer of security that allows you to separate personal and work data in a smartphone. Access to protected data is performed using an automatically generated password, different from those manually entered by the user. Therefore, even if you find out the password data for connecting to a smartphone, you will not be able to access protected data through software.
Security is not Enough
It would seem that there is no point in worrying, everything is under control. But, for example, at a meeting of the St. Petersburg International Economic Forum 2022, Stanislav Kuznets, deputy chairman of the board of Burbank, announced recent statistics: according to the bank, over the past three months, hackers have stolen the data of 65 million Russians, 13 million bank cards have been compromised. At the same time, he called the reason for the theft of data not from their own data centers, but by hacking other sources, including mobile devices or through their use.
According to Statista, over 70% of the world’s mobile users use Android. More than 60% of smartphone owners pay for purchases with their help, and receive information on the Internet, smartphones are actively used for digital user identification … There are too many sources of data leakage.
Phone Screen Lock
Use a phone screen lock. This simple method will help you not lose data in your absence. It requires simple actions to unlock (for example, entering a password). It is especially useful if a banking application has been opened before: even when it goes into the background, it can remain active, and its blocking is removed after authentication, and this can be exploited by attackers. The lock will also help if the phone was snatched from the hands on the street. While the kidnapper is running away, the protection system will work and will not allow access to bank accounts.
Use a VPN whenever possible. This technology encrypts data transmitted over an Internet connection to prevent theft while it is in transit over the network. At the same time, you should pay attention to the correct choice of VPN provider – a mistake will put the user’s data at risk.
Use two-factor authentication (2FA). This is an additional check during authentication on a network resource. The smartphone should receive a notification with a code that must be entered within a limited period (usually 60 seconds). The service will send a code to the number that was specified during registration. This check does not guarantee complete security but helps in the fight against amateur hackers.
Sensitive Access Points
Try to limit the uncontrolled “spread” of your mobile phone number. This is the most sensitive access point to your data, as well as everything related to your personal life.
Download apps only from official marketplaces. Until recently, this rule was indisputable, most users received applications only from Google Play or Samsung Play. But after changes due to the events in Ukraine, some banks began to offer downloads from third-party addresses. This is potentially a very big threat that hackers will certainly try to take advantage of, so you should be careful about your choice.
Use antivirus software. Statistics show that the majority of Android smartphone users do not do this at all or only occasionally, and after repeated checks and receiving answers about the absence of malware, they forget about it. But it should be added that due to the mentioned events in Ukraine, many popular anti-virus programs have become inaccessible to Russian users, this is a matter of concern.
Serious Source of Data Leaks
Remember that smartphone photos are a serious source of data leaks. Details that should not have free circulation may fall into the frame. And the photo files themselves store a lot of related information, such as geolocation when shooting.
Avoid using public Wi-Fi hotspots and unknown Bluetooth connections. In this way, hackers “catch” users, for example, at train stations and other public places where a large number of people accumulate.
Try to use your power banks. Connecting via a USB port in an unfamiliar place can be dangerous not only due to power surges but also because of the opportunity “provided” to strangers to make a complete copy of the contents of your smartphone and send it to an unknown destination.
Find My Device Feature
Turn on the ‘Find My Device’ feature. This will help to return the smartphone in case of loss, and in case of theft, block it remotely. It is even possible to remotely operate destroying all data stored in the smartphone.
Try not to save passwords for easy re-access. If the scammer managed to pass all the previous barriers, he can easily bypass the password protection in the application.
Browse Internet sites in Safe mode. Many mobile browsers (for example, Google Chrome, and Opera) have an additional option – loading pages in Safe mode (usually on a special tab). This is analogous to browsing the Internet in incognito mode.