Smartphone Privacy and Security
Nov 18
This guide to smartphone privacy and security covers:
How much does your phone know about you?
What is mobile malware?
Securing your Smartphone
Application permissions
Location Services (GPS) and WiFi
How much does your phone know about you?
Ever thought of how well you know the functions of your phone? Now, ever thought of how much your phone knows about you? The increasing use of smartphones for daily activities, such as emailing, banking, web browsing, shopping, bill tracking, social networking, file storage, and entertainment gives your mobile device the ability to know everything about you. Your Smartphone’s knowledge, if not protected, is a potential risk to your security and privacy. The ultimate question to ask: Is my privacy and security at risk?
Mobile malware is a program especially created to wreak havoc on your phone. Once installed on your device, it may disrupt the phone’s system, in order to gather information stored in the device. It may also gain access to the device’s operating system, and take over the phone.
Mobile malware may present itself through fake mobile applications, web-browsing, and SMS/Text messages.
- App-based malware attacks: may target a user’s financial information. This might include bank account numbers, passwords, and PINs. The access of such information may result in the loss of money and/or account take-over.
- Web-based Smartphone attacks: may result by clicking on an unsafe link. This may potentially give rise to “Phishing” scams or downloading infected files.
- SMS/Text message-based attacks: can also be used to spread malware through unsolicited SMS/texts that request the user to reply or click on a link. Unknown to the user, malware may be installed to the device, leading to unauthorized access to the device’s information.
- Passcode: A passcode is a simple step to take to protect your smartphone if it is stolen with all of your personal information. This simple step may be the difference between success and regret if your Smartphone is lost or stolen.
- Antivirus software: Consider using mobile security antivirus software. There are Smartphone apps designed to monitor and protect your device against malware and spyware.
- Software updates: Updating your Smartphone’s operating software is another step towards a secured device. Software updates are designed to fix problems in the device’s operating program, which may include fixing security vulnerabilities or other bugs that may diminish your Smartphone’s performance. Therefore, stay up-to-date on any software updates and make sure to install the latest version. After all, we are concerned with performance and usability – something a software update can improve.
Note: Do not allow your device to remember passwords. If your device is lost or stolen, the information is now compromised.
Ever wonder if the apps that you download put you at risk? If not, you probably should. Many apps are designed to capture a wide range of information. Did you know that apps can:
- Read phone state and identity
- Track your location
- Read owner data
- Read contact data
- Record audio – your calls
- Take pictures
- Modify or delete SD card content
- Edit SMS/text or MMS messages
- Write sync settings
- Send SMS messages
- Write contact data
- Access the internet
The best security practices when downloading apps are exercising caution and reviewing the app’s ratings, regardless of whether the app is free or paid.
You should carefully examine and pay attention to the permissions the app is requesting to access:
- Android Market apps require the user to either grant or deny access – if you deny access you will not be able to download and install the app.
- BlackBerry devices allow the user to go back to application permissions to modify or remove the ‘Trusted Application’ status. The status gives the application permission to access sensitive functionality on the device, which includes phone, GPS, and Internet – once given trusted permission, the application will not prompt the user for permission again before accessing the phone’s data.
- iPhone apps will not disclose what the application has permission to access. When downloading an app whether free or paid, Apple requires the recognition of consent by having the user sign in using their Apple account.
Because apps have access to a lot of your personal information and data on your Smartphone, exercise a great level of caution when downloading apps and familiarize yourself with what the app really needs in order to run. If you feel it requires more than it really should, reconsider installing it.
Only download applications you trust. Android users are allowed to download apps from third-parties, whereas, iPhone users are only allowed to download apps from the Apple Store; unless, of course the iPhone has been “jail-broken.” Jail-broken iPhones can download applications from the “Cydia App Store” (apps that have not been approved by Apple).
Location Services (GPS) and WiFi
- Many applications request permission to access location. Consider turning off the location services (GPS) on your phone to protect your location privacy, unless it is necessary to perform a desired function. Keep in mind that you have the ability to enable and disable the location services on your phone.
- Have you ever taken photographs with your Smartphone and posted them online? What’s the worst that can happen? As careful as you may be, if your GPS is enabled, your personal information may be exposed through a process called “geotagging.”
- According to Wikipedia, “Geotagging is the process of adding geographical identification ‘metadata’ to various media such as photographs, video, websites, SMS messages, or RSS feeds and is a form of geospatial metadata.”
- This information most often includes latitude and longitude coordinates which are derives from a global positioning system (GPS).
- While it sounds complicated, it really isn’t. It simply means the marking of a video, photo, or other media with an embedded location of where it was taken.
- Smartphones featuring GPS have made this “tagging” possible.
- “Geotagging” has been considered an infringement on public privacy and problems can arise if the information is given out unknowingly and/ or pulled by the wrong people. So, the photograph you took in front of your computer, at your doorstep, etc. has been recorded and may have possibly given your location
- To protect yourself, you can:
- Turn the geotagging feature off. Learn how to do it at www.icanstalku.com
- Download disabling software (it will search for geotagging information and delete it before sending)
- Be aware and educate yourself. Understand the information you are sharing
- Consider what you post on the Internet. You never know who has access to it
- Protect your privacy and security by exercising caution while doing financial transactions or checking banking information while connected to public wireless networks (WiFi). Credit card and personal information transmitted through public WiFi may be up for grabs by identity thieves.
- If you are a Smartphone user, it is highly recommended to use your Provider’s 3G Network to conduct any financial business. After all, you are paying for the service.
Smartphone Privacy and Security provided by the Identity Theft Resource Center
Nov 27 at 05:29
[...] “[…] daily activities, such as emailing, banking, web browsing, shopping, bill tracking, social networking, file storage, and entertainment gives your mobile device the ability to know everything about you.” writes the Identity Theft Resource Center. [...]