7 Simple Ways to Make Your Android Phone More Secure

Credit to Author: Matt Burgess, WIRED UK | Date: Tue, 01 Dec 2020 14:00:00 +0000

To revist this article, visit My Profile, then View saved stories.

To revist this article, visit My Profile, then View saved stories.

Your entire life is contained in that glass slab in your hand. From emails and private messages to photos and videos of your most treasured moments, it’s all there. However, you probably don’t spend anywhere near enough time making sure your phone is configured to protect your secrets. This applies whether you’ve had your phone for years or just got a new one in the Black Friday sales.

This story originally appeared on WIRED UK.

There are a couple of different ways to think about privacy when it comes to your phone. There’s the data that it collects about your actions and interests, and then there are the protections you can put in place to stop people around you from accessing the physical device. Both are important, and there are easy things you can do to improve each of them.

Before we get into what you can do to improve your phone, there’s the sticky issue of Google. The tech giant owns and develops the Android operating system, and it is also one of the biggest collectors of personal data there is. The firm’s business model is based on making money by getting people to click on ads, and the information you provide it with goes towards this end.

So if you’re looking for more privacy in the everyday actions you take on your phone, you may wish to consider moving to iOS. However, that doesn’t mean there aren’t ways to improve some areas of your phone’s privacy.

Getting the fundamentals right is the first place you should start. These are the things that people in the security and privacy world have been advocating for years, and, most likely, they’re the things you already know and (we hope) already do. The first line of defense to stop someone getting into your phone is a screen lock—a PIN or passcode is better than a pattern swipe.

Beyond that you should be using a password manager to create unique login details for all your online accounts and making sure two-factor authentication is turned on for as many of these accounts as possible. Both will limit how easy it is for someone to hack into your account using details that were previously swept up in data breaches.

Automatic software updates should be turned on to plug any potential bugs or security flaws in the code that your device runs. For apps this is done in the Play Store settings, under the auto-update apps option. For the wider Android OS, you need to visit the Settings app and find "system updates" (depending on the make of phone you have, it can be in different folders). While we’re talking about apps, you should also visit the privacy menu in the Android settings and check which permissions you have given each app. It’s likely that you’ll be able to turn off location sharing and access to photos and files for a lot of apps. Now that all those bits are out the way, let’s move on to some of the meatier stuff.

You have a password or PIN on your phone to stop people from getting into it if it falls into the wrong hands. But sometimes that isn’t enough. There are times when you will want to hand your unlocked phone to the people around you—showing photos to friends, for instance, or giving it to your kids to play on—and you may want to consider putting some extra locks on the apps you want to be more secure. Unlike Apple’s iOS, Google allows apps to request permission to control other apps. This means password-locking individual apps is possible.

To lock your apps, you’re going to need another app. There are plenty available on the Android app store, and, as with all downloads, you should be cautious of what you’re accessing. If an app is full of ads, doesn’t have clear privacy policies, or isn’t from a trusted developer, then you should probably avoid it. For an app locker, Norton App Lock is a good place to start. It’s from a trusted security name, and it allows individual apps or groups to be covered by the same passcode.

Travel isn’t really an option for lots of people right now, but there’s nothing more mortifying than someone peering over your shoulder on public transport and seeing notifications pop up with the full message contained. It’s a feeling that’s also repeated when you’re sharing your screen with colleagues and a gossip-filled message about the meeting you’re in flashes up.

It doesn’t have to be this way, though. Navigate to settings and search for notifications, and from this page turn off the option for "sensitive notifications." This means the content of your messages won’t pop up in the notification banner when the phone is locked.

There’s been a troubling rise in stalkerware in 2020. On phones, stalkerware manifests itself as apps running in the background that can record and track everything a person does. It's increasingly an issue in domestic abuse cases, and the technology can appear invisible unless you go specifically looking for it.

If someone has installed stalkerware on your device, there are a few telltale signs it may be there. A phone may run hot and see its battery levels drop quickly. Cybersecurity companies have been increasingly detecting stalkerware code through their antivirus tools—both Kaspersky Antivirus and Avast’s Antivirus can check your phone for malicious apps. Refuge’s National Domestic Abuse hotline can also help people who are experiencing tech-based domestic abuse.

Virtual private networks (VPNs) aren’t a failsafe for protecting your privacy, but they can help. The software creates an encrypted connection from your device to a remote server and passes internet traffic through this. It stops your internet service provider from fully knowing and storing your browsing history. Journalists, activists, and people looking to avoid state censorship are some of the most frequent users of VPNs.

But which VPN should you pick? There are a lot of options out there, and they all have different pricing arrangements. It’s best to choose a paid VPN, as these are less likely to have questionable data practices; ones that offer family or multiple-device plans can cover whole households easily. We like Windscribe and ExpressVPN. They’re both quick and have proven they don’t store logs of your browsing activity, unlike some VPNs.

If you’ve had your Android phone for a while, you probably haven’t thought twice about the apps you use for search, voice assistants, phone, and SMS. This summer Google launched a choice screen on new Android phones—after it was fined £3.8 billion by the European Competition Commission—that allows people to pick their search engine during the initial setup. This lets you pick a search engine that isn’t Google—yes, they exist!

Within Android’s settings options, look for "default apps" in "apps & notifications," and you can pick the apps you use most frequently. It goes beyond search: You can change browsers, digital assistants, home app, phone app, and SMS app. Some of our favorite privacy-friendly alternatives include Firefox (for a browser), DuckDuckGo (browser and search), and Signal (SMS).

While your phone’s passcode protects your files and data from being accessed by someone trying to access your phone, it doesn’t do anything to secure the data stored on your phone at a technical level. For this, you need to encrypt your device’s disk. Turning on encryption means that the files can’t be accessed by anyone trying to extract them from your device unless they have the passcode. “Encryption ensures that even if an unauthorized party tries to access the data, they won’t be able to read it,” Google says.

You can encrypt your phone through the settings app—it’s easily found by searching for "security" or "encrypt." To do this you’ll have to enter, or create, your phone’s PIN and make sure it is on charge. Encrypting a full device can take a little bit of time, so it’s probably best to do this during some downtime. Google has made it mandatory that Android devices can be encrypted since 2015, and it is increasing its efforts to make it less resource-intensive on low-end devices.

This story originally appeared on WIRED UK.

https://www.wired.com/category/security/feed/