Between the recent iPhone Keychain vulnerability and the Android adware scare, you might be second-guessing your cell phone purchases. And while there isn’t a piece of mobile technology completely private or secure, weighing all of your options to determine the lesser of all evils is in your best interest.
Luckily, online publication GadgetHacks has done some of the heavy lifting for us.
The Quest for the Safest Phone
In a recent data-driven article, GadgetHacks analyzed a select group of smartphones to determine which ranked the best in the following 22 key security and privacy differentiators:
- Biometrics was weighed as a security measure; is your device protected with more than a password? Also, GadgetHacks considered how easy the biometrics in place is for a user to access.
- Authentication methods was a count of how many ways a user could unlock a phone, or access data.
- Encryption was considered to see which phones used full disk encryption or the more reliable file-based encryption method.
- Hardware-stored keys was a consideration to see how each phone stores cryptographic keys.
- Hardware security module was included in the methodology to understand if a phone uses an isolated processor or separate chip to store sensitive data.
- Sandboxed user account looks into your ability to separate the running programs on your phone.
- Restrict ad tracking looks into if your phone comes with a preinstalled advertising tracking ID for marketing partners to deliver targeted ad, and if so, can the user easily restrict the apps’ abilities?
- Always-on VPN determines if your phone uses the best in VPN services, like if a phone encrypts all data traffic for increased user anonymity.
- Block internet access for apps gives the user control to block internet access for individual applications.
- Data wipe after failed login was considered as an added layer of protection. If an unauthorized user tries to enter a PIN or password too many times, unsuccessfully, does your phone automatically factory reset?
- DNS over TLS looks to see if a phone goes above and beyond typical encryption methods. Specifically, DNS servers can encrypt data using Transport Layer Security (TLS), does your phone take advantage of it?
- Force password to unlock phone would act as a backup to biometrics, giving your phone, in effect, a two-step authentication process.
- Restrict usage of data port means that just because you connect to a device via USB doesn’t mean you want to share your phone’s data. Does your device let you restrict access to connected devices?
- Anti-theft protection: Specifically, GadgetHacks looks at if a phone was able to remote wipe, remote track, and remote lock after it was stolen or lost.
- Built-in password manager looks at whether a device has an encrypted vault to score screen names and/or passwords.
- Password generator does your device generate passwords for you?
- Autofill passwords: Can you access your passwords without using the clipboard, automatically? *We argue, that’s not the safest method.
- Password protected app features look at how easily another user can access your apps when they use your phone. Is it possible for you to lock or password protect data-sensitive applications?
- Password protected files, like password protected apps, are you able to protect individual files stored on your device?
- Stock security center app gauges how easy it is for a user to understand their phone’s current security health and makes it easy to adjust settings as needed.
- Security patch time frame looks at if there is a particular schedule or cadence a manufacturer sticks to when it comes to updating software or releasing patches.
- Bug bounties determine how invested a manufacturer is to improving the safety of their devices. Do they offer compensation for those who can find a bug or vulnerability?
To see how individual phones fared in each category, you can access the full study on GadgetHacks’ website.
The Results
By considering each of the aforementioned security and privacy details, the results rank the top five devices as follows:
- BlackBerry KEY2
- Pixel 3 XL
- iPhone XS Max
- Galaxy Note 9
- Sirin Finney
Regardless of whether your phone makes the list or not — or even how high it ranks — it’s always best to take privacy matters into your own hands.
Don’t forget to do your own due diligence and follow typical best practices like:
- Avoiding public WiFi
- Investing in your own VPN
- Using password regeneration vs. password storage
For more information on how to keep your data safe, contact EZPD today.