Lock down

April 26, 2014

Email

— File Photo
— File Photo

Many of us have become a bit paranoid about the apps we install on our smartphones and the information that they are able to access. App stores are making permission access levels more visible and while reviewing the details, we often worry about our privacy.

We are surprised to see apps asking permission to connect with our social avatars or even confirming our mobile phone numbers, without us having ever entered that information for that particular app. The digital world is becoming increasingly co-dependent and the balance between having a ‘personalised user experience across all channels’ and ‘maintaining social and information boundaries’ is becoming increasingly tough.

One such example is the recent integration of Gmail contacts with Google+, which allows any Google+ user to email another user. Subsequent emails are controlled based on the first response. Ideally speaking, this makes networking easy for people who thrive on a combination of offline and online interactions, since many users use Gmail for work-related emails. Similar concerns were raised about the iPhone’s fingerprint reading feature: “welcome to the national biometric database, up for grabs by hackers and government agencies alike”.

Lost or stolen cell phones account for 30 billion dollars worth of loss each year in the US alone, and this is besides the cost of the lost information. Looking at how the great security void is expanding along with mobile growth, the US Federal Communications Commission (FCC) launched a small checklist tool called ‘Smartphone Security Checker’. The tool provides users with security guidelines and relevant information links that are useful across all regions.

The key points include: Setup of PINs/Passwords, maintaining factory-set security settings, backup and recovery, installing trusted apps, app permissions’ review, installing security apps, phone locators, frequent security updates/patches to installed apps, caution over open Wi-Fi networks, old phone disposal guidelines and reporting guidelines for stolen phones.

Among the security apps that you can install on your phone, there may be a gap between what they claim and what they actually offer. For example, a mobile security startup called PassBan offers several attractive beta features, including an upcoming wrist band authentication, but so far it seems to be quite unpopular on the app store.

A similar upcoming product called ‘Nymi’ by Bionym is a wristband that reads your heartbeat (unique to each individual) for mobile authentication and is available for pre-orders at a cost of 79 dollars.

Hardware pass keys are not a new development, computer software such as Cubase already use USB keys on computers for what is known as a ‘two factor authentication’. With the current boom in wrist bands and other Bluetooth accessories, it is only a matter of time before this option is available to everyday consumers.

Popular security apps

Most users have an antivirus and malware protection software enabled such as AVG Antivirus (Android, iOS and Windows Phone) or Avast Mobile Security (Android). While AVG has the most downloads over various platforms, Avast offers many advanced features such as ‘Phone Locator’ and ‘Filter Contacts’ for free. They also come with various useful features like Backup and Restore that are worth exploring.

Another freemium security app with intriguing features is Lookout Security and Antivirus (iOS and Android). For example, the ‘Look Cam’ feature emails you the photo of anyone who enters the wrong password on your phone.

SnapSecure (iOS, Android, Windows Phone and Blackberry) is an advanced premium app. On top of the standard security and backup features, it offers great additional features such as ‘Sim Guardian’, ‘Driver Safety’, Family integration with ‘Real Time Tracking’, ‘Safety Zones’, ‘Panic Button’ etcetera.

Featured apps: ‘360 Mobile Security’ and ‘360 Mobile Safe’.

These two separate apps help distribute desired features and come with robust, basic user interfaces. Besides the standard virus protection and backup features, the apps come with handy tools such as ‘Cache Cleaner’, ‘Privacy Advisor’ (to show which app uses which permissions), ‘App Manager’ and ‘Power Saver’ (great task killing features, but overuse of such apps is not recommended).

The apps come with floating toggle widgets for quick power options. There’s also a privacy protection ‘360 Vault’ component that helps the user secure messages and applications.

Secure phones

Besides the confusing mix of available security apps in a still-evolving mix of smartphone operating systems, some startups have stepped forward with custom devices, in hopes of changing the mobile security landscape.

The bulky ‘Snowden Phone’ (named after the NSA analyst Edward Snowden) by FreedomPop, is based on the old Samsung Galaxy SII model and implements 128-bit encryption to messages and calls. It can be purchased with Bitcoins for anonymity.

Silent Circle, a software company that specialises in high-end paid security apps has collaborated with GeeksPhone to come up with the ‘Black Phone’. The phone sports a custom Android version called ‘PrivatOS’, enabling a strong integration with an array of security apps pre-installed on the phone. The phone will start shipping in June 2014, and is available for pre-orders for 629 dollars.

An unlikely contender in the secure phone manufacturing segment is the aerospace giant Boeing, with plans to develop a secure phone, incidentally also dubbed as ‘Black’ phone, which will even self-destruct if someone tries to tamper with it.

However, despite various claims by some vendors of being even ‘NSA-Proof’, these are the words of the manufacturers themselves and the smartphone security arena still seems too premature to know exactly which product is completely secure.

While it is encouraging to see startups involving themselves in search of the most secure phone available, bigger tech companies still seem more focused on developing new features, while being more pro-social. In the end, it’s about selling a product which is more commercially viable versus more secure.

Still, the basic OS security features should not be underestimated as mobile spamming and other security threats are also premature when compared to computers. So while the great minds develop either destructive viruses or super secure solutions, what we can do is to follow the current best practices, play around with the security app (admittedly, it’s quite fun), and keep an eye out for the latest developments. The world is bound to shrink; we might as well live a little.