Understanding mobile encryption

2017 is the year of hacking, from the WannaCry NHS scandal to celebrities such as Holly Willoughby and Emma Watson having their private images stolen off their phones and released to the media.

While these have been high profile cases, they demonstrate how vulnerable the everyday person’s data and personal information is. Without the proper protection, a cybercriminal can access personal and valuable information on a smartphone, from photos to bank account information.

In the UK alone, 71% of adults own a smartphone, but as a society we still seem to lack a basic understanding of encryption and cyber security. Phones and mobile devices, including wearables, can tell you a lot about a person even if they are locked, from the types of apps they use to the most recent messages they have received. However, once it has been unlocked, information comes flooding out and suddenly anyone can see all your private information and contacts.

>See also: The mobile threat landscape

Whether you’re sending a text message to your partner or a confidential document to your manager, you most likely don’t want prying eyes to see any of your personal content. The best way to keep your information secure is through encryption.

Encryption protects the information saved on a device by scrambling the data into a format that cannot be read by a computer or people without a key. This can be as simple as a scrambled pin code or fingerprint scan.

Mobile security breaches can happen in many different forms, not just through the cloud which is a common misconception. Other external resources, such free wi-fi, charging stations and third-party apps should be treated with a degree of suspicion.

Pokémon Go has been a recent example of a third-party app which has put users’ data at risk. The first version of the viral game saw users sign away their personal data, as the iOS app only gave new users the option to play if they agreed to give full access to all of their Google account information.

>See also: Common security vulnerabilities of mobile devices

This meant that Google could potentially ‘see and modify nearly all information in your Google Account’, according to Google, and while it was corrected in subsequent updates, millions were affected.

One key aspect to also bear in mind is the security of any third-party devices you pair with your phone. With the rise of IoT, more and more people are connecting the likes of security cameras and lighting systems to their mobile phones through apps without realising that they are opening up a new line of access for hackers. If you have an IoT device, make sure to check that it has up to date security and isn’t leaving you vulnerable.

To check how protected your mobile device is, you can search the handset’s encryption level. These encryption levels are measured using Advanced Encryption Standard (AES) and a good benchmark to aim for is 256 AES, the maximum-security level available to consumers.

One thing to be aware of with AES is that it’s levels vary depending on what country you are in, as some countries wish to restrict the import of cryptography technologies. Having an insufficient encryption level could potentially leave your data open to hacking.

>See also: Corporations ‘not prepared’ for mobile breach

While not everyone will need military standard levels of encryption, it is important to be wary of the information you share online and input into your phone. Ensuring that your passwords are different and changed regularly is essential, but to make sure your phone and its content are properly protected do some research into your phone’s encryption levels and make sure you have plugged any holes which could let hackers into your phone.

With cyber criminals on the rise, and hacking now a regular occurrence on a global scale, it is important to be vigilant in the protection of your personal data.
Sourced by Darren Gillan, managing director of Macate


The UK’s largest conference for tech leadershipTech Leaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...