Security has been a huge topic of consideration in the mobile phone world in recent years. In this post, I’ll explore some of the things I need to consider before deciding what device to go with.
End-to-end message encryption
End-to-end encryption allows a user to send an encrypted message to another person, and vice versa. The information in the message is encrypted so that only those people you authorise can view it.
End-to-end message encryption is useful when sending sensitive data to another person, and for a journalist, message encryption is essential when interviewing sources or witnesses to an event who wish to remain anonymous.
On both iOS and Android, various apps offer end-to-end encryption services, although Apple’s iOS is often touted as the more secure of the two operating systems.
WhatsApp is well known for its message encryption facility, but in 2016, Facebook also launched the service on its Messenger app.
Facebook Messenger: Secret Conversations
Referred to as Secret Conversations, this allows one person to message another under full encryption.
It’s very easy to use and set up. In the Messenger app for Android, under the Profile tab (the image of a person) scroll down and tap on Secret Conversations, and enable the feature in the sub-menu.
To use the feature, simply start a message thread in the usual manner, and tap on the padlock toggle in the upper right corner of the screen. The window should then turn from Blue to black to tell you that Secret mode has been enabled.
What’s brilliant about Secret Conversations, and slightly annoying at the same time, is that you can only use this feature on one device at a time.
Enabling the feature on another device erases all of your previous conversations. It’s a pretty neat trick, and certainly helps to improve the security of sending messages, but I can see this feature being annoyingly too secure when you’re trying to work across devices.
Another caveat with SC is that both the sender and receiver have to be Facebook users with active Facebook accounts.
This means the feature is a Facebook-only service, but for those times when you’d rather have a super-secret conversation away from prying eyes, it’s a useful feature nonetheless.
Sideloading apps: Unknown Sources (Android)
When an app you want to install isn’t avaliable on the Play Store, you can sideload the app. Unfortunately, you can’t do this on an iPhone without ‘jailbreaking’ your device, even though you used to be able to (and possibly still can) install custom certificates that allow you to download company apps or those apps still in beta.
But on Android, it’s actually pretty easy to sideload an app. In the Settings app, head to the Security menu (exact name may vary between devices) and turn on the ‘Unknown Sources’ toggle button. You’ll get a warning about your device being less secure, but that is always going to be a caveat of this feature.
What this allows you to do is to download and install the .APK file of an app not found on the Play Store.
Amazon is a good example. While it’s easy to stream or download your favourite movies and shows on an iOS device, if you’re a Prime Video subscriber with an Android phone, you’ll notice there’s no Prime Video app on the Play Store. In order to access the Prime VOD service, you first need to download the Amazon Underground app from the Amazon website, and then install the Prime Video app from within the Underground app. Don’t ask me why Amazon make it so hard to use their service, but without the Unknown Sources feature, you wouldn’t be able to stream or download Prime movies and TV shows to your mobile.
But there’s a number of reasons why you’d want to sideload an app. One reason could be that the app developer is a startup business, or that the app is in a closed beta and therefore not ready to be published to the Play Store.
Another reason could be that you’ve tried to install an app from the Play Store that’s incompatible with your device (or vice versa). Such instances can be annoying, but as long as you download the .APK from a reputable, safe source, sideloading can overcome this obstacle.
The key word there is ‘safe’ – it has been known for an app APK file to contain viruses, so you should do this at your own discretion and only after doing some research on the topic. Also, it would be a good idea to have some form of AntiVirus software installed on your phone, like Norton or McAfee, to check downloaded files for harmful viruses or malware.
The reason I’m thinking about Sideloading is that I have made use of the feature in the past. I may also use this feature again, possibly to review an indie game or two. Therefore, from a review perspective, Android certainly seems the better choice for me.
SMS Viruses (e.g. Stagefright)
AntiVirus apps (Norton, etc.)
As mobile hacks and scams become more frequent, it’s a good idea to have an AntiVirus app installed, even if you never actually need it.
I’ve always used Norton software by Symantec for my computers, and although there are other apps available such as Knox or Lookout for Samsung devices, my Norton 360 subscription allows for installs on multiple devices, including phones and tablets, so I’ve been able to make use of the extra security without the extra cost.
Norton’s app is useful in that it scans apps on the Play Store even before I’ve hit the Install button – just because an app is on the Play Store doesn’t necessarily it’s secure.
Tapping on the bar that appears in the footer, you’re presented with a list of things to consider about the app, such how much mobile data the app will use on a scale (see image above) as well as how much battery will drain from using the app. These are useful considerations for anybody, and it’s good to see them in an app that’s primarily about device security.
As is the case with other security apps like McAfee and Kaspersky, the Norton app performs regular device scans (and SD card scans, if enabled) in the background to keep you secure. I like this as I can continue to work without needing to do anything.
I’m familiar with both Android and iOS, so whichever operating system I choose, I know I’ll be in safe hands when it comes to security and AntiVirus apps (if needed).
Virtual Private Networks
While I’ve had a VPN feature on my HTC Desire Eye, I’ve never actually used it. That’s because I need rmto know profile details and DNS server settings to set one up, but it’s actually easier to subscribe to a VPN like tunnelBear.
I’ve also never really needed to use a VPN. I can see one of the benefits of using a VPN: protecting your data while mobile banking in a café on a public, insecure WiFi network.
But as I don’t tend to do mobile banking or any sensitive activity on the move, I’m not sure I’ll need this feature baked-in to the Settings app on a phone.
As I said before, if I need to use a VPN, I’ll likely use a service such as tunnelBear which is easy to use and set up: download the app, sign up/in and voila.
As this post was getting a bit detailed, I decided to post a separate section on Fingerprints and the Lock Screen, which you can read in the next blog post of this series.