How Secure Is Your Mobile Device?
Our mobile devices often contain information about every aspect of our lives, but are they as safe as our desktop counterparts?
At the start of this decade, few people could have predicted that mobile devices would become our default method of internet access. Since the iPad launched in 2010, we have all become accustomed to living our virtual lives through handheld or pocket-sized hardware instead of traditional desktops and laptops. Sadly, however, the breakneck pace of mobile communications hasn’t been matched by corresponding levels of security.
HTTPS
Think about it. When you make a purchase online, do you look for the https prefix or the green address bar of desktop browsing? Apart from banking apps, how often does a mobile site request two factor authentication? Would you tap your laptop against a supermarket checkout to automatically pay for shopping, and when was the last time you sat in a train carriage or café doing something you’d regard as personal or private?
Panning For Profit
To the faceless cyber criminals who made great capital out of the internet’s formative years, our collective rush to mobile has become a second gold rush. Our mobiles are more easily hacked, stolen and cloned than desktop devices. They’re far less likely to have antivirus or malware software installed, and security measures often extend no further than entering “1234” into a PIN display. We use mobiles with a confidence that belies our caution about handing over bank details to charity collectors, or letting friends loose on our home laptops.
Why aren’t mobile devices safe?
Nor is it just our own laissez-faire attitudes that are to blame for the rise of mobile fraud. The focus on screen size and battery life among smartphone manufacturers has pushed security down the priorities list. Because mobile devices aren’t connected through a router, they rely on unsecured wireless networks that are designed for stable (rather than secure) connections. Apps need to run quickly to avoid being deleted, and few people are patient enough to enter multiple layers of security – assuming they can even remember the specific combination of upper and lowercase letters, numbers and permitted symbols each app requires.
Feeling Insecure?
With mobile devices now handling most developed countries web traffic, what can be done to improve this troubling situation? Firstly, smartphone manufacturers need to recognize that people’s entire lives are often stored on these devices. Biometric identification is a good start, but every device should automatically lock after a short period of inactivity; it should also have the capability to run a slimmed-down security package without harming battery life. Mobile network operators could make greater use made of geolocation and data analytics to identify suspicious patterns of behavior that can be challenged – however much that taps into our Orwellian fears of constantly being monitored. Sometimes, safety comes first.
What can WE do?
We have our part to play, as well. Sitting on a train with Bluetooth turned on effectively invites hackers to seize control of the device, or view and copy its data. Disengaging password entry to save a few seconds is highly irresponsible, and every device should have a degree of security software installed from the app store. Regular OS updates will patch any identified vulnerabilities, and it’s always advisable to avoid sharing sensitive data like bank logins while using wifi hotspots. Indeed, avoid entering any sensitive data in public – the stranger sat beside you on the train could easily see your PINs and passwords being entered.
It’s best to imagine mobile devices as the miniature computers they’ve become in recent years. If you wouldn’t do something on your PC, don’t do it on your phone. Avoid dubious apps or websites, buy from reputable traders, and don’t send sensitive data across public networks. And finally, never save passwords or login details in your phone’s address book…