Are you encrypting your device? All major smartphone operating systems (OS) offer device encryption, but should you use it?
Very simply, encryption is a way of scrambling your data so only authorized people, with the correct decryption key (i.e. PIN, password, or pattern), can read it. Without it, even if your key can’t be guessed, criminals could still, say, plug your smartphone into a PC and get information that way.
I should probably use less encryption stuff, but they say you never can be too paranoid. :P
— J (@IncognitoAPT) June 13, 2016
Encryption isn’t about secrets; it’s about security. You might’ve heard about performance lags. You might think encryption is unnecessary.
But here’s why it’s definitely worthwhile, and why it won’t substantially affect the way you use your cell phone.
Your Data is Worth Stealing
Only big corporations use encryption, right? Well, no — not at all. Your data is worth a lot to thieves, especially given the amount of further information they can glean from your phone.
I wonder what their password is pic.twitter.com/CdjSs6ipox
— 9GAG Tweets (@9GAGTweets) June 18, 2016
Your name, address, date of birth, and email are all pretty easy to find out regardless, but even this Personally Identifiable Information (PII) can be sold on: criminals can come by this data fairly cheaply, but when it’s sold en masse, they can command high prices on the Dark Web.
It’s all about immersion in an individual’s life, leading to identity theft. That’s why you should always shred seemingly innocuous documents like checks, passports, and boarding passes.
Please not another phone encryption scandal.
— Jeremiah Grossman (@jeremiahg) June 12, 2016
So if just your name and address is worth serious cash for cybercriminals, think how much further information you have on your phone…
Thieves Can Dominate Your Life
Scroll through your device. Go on. Take a look at your contacts, your emails, your instant messenger apps, your videos, and texts. Consider the accounts you’re still logged into on the Internet.
Now think of all that data in the hands of a thief. Horrible, isn’t it?
Due to the wealth of apps we all download and pour data into, our smartphones have become a reliable indicator of our lives, an extension of who we are. Being a victim of theft is awful enough without thinking that the item stolen can have greater use than solely being sold on.
It’s even more concerning considering the information we give social media accounts; just look how much Facebook alone knows about you: your interests, your location, and what sites you visit (you can wrestle back your privacy, however). And from that data, scammers can make surprisingly accurate guesses at your other passwords, similar to how Digital Shadow infers private details.
Without encryption, all this could be in the hands of cybercriminals.
Protect Your Photos
Your camera roll and videos feel a lot more personal than even your Facebook.
We all know the trouble caused by NSFW photos: the so-called Celebgate hit the headlines, but you don’t have to be famous for potential leaks to be an effective threat. If you’ve taken or received intimate photos, it doesn’t matter who you are: you could be a target for the abhorrent blackmailing technique called sextortion. This is very simply when images or footage is used to get leverage over you. The practice has got even more threatening, with scammers tricking victims into downloading malicious apps that give them complete dominance over your relationships with family and friends.
While encrypting your device won’t stop you engaging with fake profiles set up by fraudsters solely for cybersex, it will stop any thieves from scrolling through your images. For an added layer of privacy, you could also download apps that hide your photos behind another PIN (just don’t use the same one that unlocks your phone!).
Of course, you don’t have to have NSFW material on your device to want security. Comparatively few really do have such adult content. You can still feel protective of any pictures of yourself and your family, so encryption is essential.
Data Can Still Be Recovered After Factory Resets
Thinking of selling your old phone? Visit eBay and you’ll find batches of Windows Phones, BlackBerrys, and Samsung Androids. These sellers have likely been assured that all their personal data is erased when they do a Factory Reset.
Your new password must contain:
A sonnet from Shakespeare
Your first born child’s soul
6 drops of unicorn blood
— Amanda (@Pandamoanimum) June 21, 2016
Sadly, that’s not the case. Instead, files are marked as deleted; that’s not the same as being completely wiped.
A determined scammer can still recover information they should never have got their hands on — and if that’s how they make a living, the criminal will have software sophisticated enough to do a thorough and swift job of stealing it. This is a particular worry if your device doesn’t offer default encryption (such as the iPhone), so now is a good time to check out how secure your OS is.
Before passing your smartphone on to a new owner, encrypt your data then do a Factory Reset. It’ll mean that even if a criminal attempts to restore the information afterwards, it will be unreadable.
Fight Big Brother
It’s perfectly understandable if you’re troubled by the growing powers of international governments in infringing your privacy. The worst thing is, there’s very little you can do about it.
You’ll be familiar with PRISM, now what comes to mind when anyone mentions state surveillance, but the National Security Agency (NSA) and its global counterparts aren’t only keeping track of your Internet usage: your phone is naturally of interest. PRISM’s leak arguably just allowed intelligence services to own up to privacy invasions — not stop doing it.
3D Printing turns speech into guns. Encryption turns speech into privacy. Bitcoin turns speech into money. Free speech trumps other debates.
— Naval (@naval) June 15, 2016
While encrypted data on a PC might make you stand out as suspicious, so many use passcodes for their devices now anyway, it’s not anything notable. Okay, so practices like the UK’s “Snooper’s Charter” allows extraction and collection of metadata, but encryption at least means authorities need your permission (or a hacker able to crack, say, iPhone security) to gain access to more specific content.
It Doesn’t Noticeably Affect Performance
You’ll probably have heard that encrypting your smartphone slows it down. It’s that old argument of security versus convenience.
But if the latter is a priority to you, you needn’t worry. In the vast majority of cases, encryption doesn’t affect the performance of your phone to a noticeable extent. It’ll only affect older, less powerful handsets; if your OS is up-to-date, you shouldn’t have an issue.
Basically, your phone will be slightly slower when you unlock it because it needs to be decrypted each time, but owners have come to expect this sort of privacy layer from their devices, so that convenience goes hand-in-hand with security.
Loading times do naturally vary between manufacturer and OS — some reports state that the Nexus 5 takes longer than most to decrypt, while the effect on W10M and iPhones is minimal — but you won’t be lagging so far behind it becomes a huge nuisance.
It’s Very Easy To Do!
It doesn’t matter what OS your smartphone uses: encrypting is simple.
IPhones are arguably the easiest to encrypt, while Android is a slightly more elaborate process (and if you’ve rooted your phone, you’ll need to temporarily undo that), one that can take some time — but is still nonetheless worth it. If your device runs on iOS or Android, check out how to encrypt it.
Password Strength: Very Strong pic.twitter.com/jabs7ftt3F
— trouteyes (@trouteyes) June 22, 2016
As for anyone with Windows Phone or W10 Mobile, you need to firstly go on Settings > Accounts > Sign-in Options and add a PIN. You can only encrypt the phone with this PIN: make sure it’s memorable but personal, so it’s not easy to guess, but not something you’ll easily forget either. This will be the only way to get access to your data.
Go back to Settings > System > Device encryption, and make sure it’s turned on. You’ll be redirected to Sign-in Options if you’ve forgotten to add a PIN.
See? It’s really that simple!
Is There Any Point Not Encrypting?
Considering the wealth of benefits, it’s a surprise device encryption isn’t more commonplace; perhaps this is due to the myths about performance or the optimistic outlook that thieves only every target other people…
16th century French encryption book from the court of Henri II. pic.twitter.com/u22BAw4DfK
— History Pictures (@CombinedHistory) June 16, 2016
Do you use encryption? What prompted you to use the security measure? Any further reasons everyone needs to be securing their data?