Phones aren’t just “phones” anymore – they have a not-so-tiny part of us in them. All those pictures, browsing habits, contacts, accounts and so on can paint a very accurate picture of who you are. Unless you want that image of you shared with the entire Internet (along with your payment info), you’ll want to cross these off your list of potential vulnerabilities.
Be Wary of App Permissions
How many apps do you have on your phone? There’s one for everything nowadays, so we’ll take a guess and say ‘a lot.’ Now, think of how many access privileges you give those apps even when they don’t need it. Why exactly does a mobile game need access to your location or contacts?
Take a second to fine-tune these app permissions from your phone settings. Both Android and iOS have a dedicated menu where you can toggle them on or off, although Android users might need to do a little more digging since each version has a slightly different layout. In any case, here’s a guide for both operating systems:
You might want to take a look at app permissions for things connected to your social accounts as well. Apps like MyPermissions (available for Android & iOS) let you see what’s connected to your Facebook, Twitter, Instagram, etc. accounts in one simple interface and remove or report them if anything doesn’t sit right with you.
Another thing you have some control over, without installing any additional software, is the ad tracking technology built into your phone.
Ad Tracking – Get Rid of It
Both Google and Apple have an ad tracking feature on their respective OS. This assigns a unique advertising ID (called IDFA on iOS) that Google, Apple, and their partners can track you with, making it easier to serve you interest-based ads. Letting these tech giants know that much about you is unnerving to say the least, so here’s how to turn this feature off (or limit it on iOS):
You should be aware, however, that as many as 17000 Android apps have been tracking their users even without the Advertising ID active. Apple has been stronger on its tracking rules for a while now, going so far as treating aggressive tracking tactics as hacking.
Android – Google’s History of You
Android users: are you aware of Google’s activity log? Everything you do is present there: websites you visit, YouTube videos you watch, apps you run, even voice activity if you use that function. As uncomfortable as it sounds, at least it’s easy to clear that data and stop Google from recording it.
Follow these actions: Settings > Google > Google Account > Data & personalization. On certain Android devices you would go to Apps > Google Settings, tap Manage Your Google Account, then Data & Personalization.
Here you can control what you want or don’t want logged to your profile. Go through:
- Web & app activity
- Location history
- YouTube history
- My Activity under “Activity and timeline”
You can delete all this data and turn off (“pause”) each individual setting to never save that info again.
iPhone users are unfortunately stuck in a feedback loop with Apple for the most part. Although by October 2019, Apple finally added an opt-in feature for Siri recordings. Until that point, Siri recordings were kept by default (for up to two years) and even listened in by third parties contracted by Apple.
Hide Your Online Activity with a VPN
As you’ve seen, advertisers will stop at nothing to gain your data and sell you stuff. ISPs are also known to sell your browsing data to the highest bidder, and the number of hackers and cyber attacks and will only continue to grow.
The latter are especially fond of free WiFi networks (and who isn’t?) – relying on the fact that they don’t usually have password protection. Yet these same hotspots can be dangerous even when they’re protected by the latest encryption protocols. Password-less WiFi is just asking to have your payment info stolen by someone with a few minutes on their hands.
If you find yourself shopping, paying bills, logging into your main email account and doing other sensitive activities on your phone – especially on free WiFi – then using a Virtual Private Network (VPN) is an absolute must.
We’ve mentioned encryption earlier. This basically means that your data is obfuscated to outsiders who just see a bunch of gibberish if they try to intercept it. Login and payment info, browsing data, everything is protected. That’s exactly what a VPN, such as NordVPN is best at.
Further, there is a phenomenon of cyber attackers creating “Evil Twin” hotspots that almost perfectly mimic legitimate networks – making them difficult to avoid, short of never using public Wi-Fi. Connect to one of those, and your data is guaranteed to fall into the wrong hands.
Unless you use a VPN, which encrypts your data before it even leaves your phone. It’s a great way to counter those who would sell your browsing habits too, so don’t hesitate to leave the VPN on indefinitely.
Switch to a Private Browser
One thing that can bypass even VPN protection is the usage of browser cookies, and not the chocolate chip kind. Websites use browser cookies to store small bits of information on your device, usually to save your site settings (like choosing to remain logged into Facebook, for example).
The problem is that these can also be used to track you for, you guessed it, advertising. Now, you can clear your cookies every time you use your browser, but that can get tiresome. Instead, you can go the easy route and switch to a more secure browser that rejects cookies and other tracking technologies by default. There are many options available for both iOS and Android, so check them out here.