ITRC Fact Sheet 144
This guide includes:
- What is a smartphone?
- Risks which occur when using a smartphone
- Best practices to protect yourself and your personal information
- What to do if Your smartphone is Lost or Stolen
A smartphone is a mobile phone with enhanced capabilities. Many of these new functions are similar to those found on a PC. With the increased abilities of the smartphone come built-in risks for exposure of personal information. This personal information, carried on and transmitted through the device, is highly desired for use by identity thieves. There are steps smartphone users can take in order to reduce the risks associated with using these devices.
- Phones are easily lost or stolen. Think about how many times you have lost your cell phone.
- These mobile devices are associated with and linked to a particular user for billing and account purposes. This association is taken a step further when GPS is enabled on a device.
- Increased mobility means increased risk of exposure. Moving in and out of Wi-Fi service areas means moving in and out of firewalls and secure hotspots.
- Some applications used on smartphones are unsafe. Some can actually enable “phishing” or other malicious attacks.
- Password-protect your phone. This is the simplest step you can take to prevent your information from being accessed. Make sure it is a strong password that is not similar to or associated with any other personal information.
- Install Security Software. There are a number of companies which offer anti-virus, malware and security software designed especially for smartphones. Make sure to download security software updates.
- Be aware of what you are doing on your phone. The same precautions you would take while on your home computer apply to your smartphone. Double-check URLs for accuracy, don’t open suspicious links, and make sure a site is secure (https) before giving any billing or personal information.
- Do not “jail-break” or use a “jail-broken” phone. A “jail-broken” phone is a phone that has gone through a process which opens its operating system to applications which would otherwise not be compatible with the operating system. However, once “jail-broken,” the phone is vulnerable to anything the user downloads. Note: The application necessary to jail-break an iPhone may put both your phone and PC at risk.
- When installing an app on any smartphone, take the time to read the “small print.” Evaluate the information the app requires access to, and consider if this information is necessary for the app to run successfully. If you cannot see a reason for the app to have access to the information, you should reconsider installing the app.
- Install a “phone finder” app. These apps are designed to help you find your phone if it becomes lost or stolen.
- Enroll in a backup / wiping program. You can enroll in a program that will backup the information on your smartphone to your home computer. Many of these services are also able to remotely “wipe” your phone if it is lost or stolen so that no data remains on the device itself. These services are available through your smartphone’s manufacturer or through your wireless provider.
- Limit your activities while using public Wi-Fi. Try not to purchase things or access email while using a public Wi-Fi zone. Public Wi-Fi hotspots are targeted by hackers since they can give the hacker direct access to your mobile device. Using your 3G or 4G network provider connection is much more secure than using a public Wi-Fi connection.
- Check URLs before making a purchase using your smartphone. Any page that requires credit card information should start with https://. This means it is a secured site.
If you have enrolled in a backup / wiping program:
- Contact the administrator of your program and have them “wipe” your phone.
- Call your service provider and have them cancel your service and report your phone missing.
If you have not enrolled in a backup / wiping program:
- Treat the loss of your smartphone as you would the loss of a wallet or purse. You can find more information on handling these situations from ITRC Fact Sheet FS 104: My Wallet Purse or PDA was Lost or Stolen.
1G vs. 2G vs. 3G vs. 4G: The G in these terms stands for generation. Therefore 1G would be the first generation of application services. This includes wide-area wireless voice telephone, mobile Internet access, video calls and mobile TV, all in a mobile environment. Each generation expands its capabilities and speed of the network for smartphones of that generation. 4G is currently the benchmark.
Applications (Apps): computer software designed to help the user to perform singular or multiple related specific tasks.
MMS (Multimedia Messaging Service): A standard way to send (picture) messages that include multimedia content to and from mobile phones.
Personal Information: The types of information often stored on a smartphone include, but are not limited to: bank user names and passwords (Banking applications); credit card information (online shopping); utility account information (bill tracking applications); email accounts; GPS information; and social media contacts.
Personally Identifying Information: This is the sensitive information that identifies you as an individual, and which can be used for identity theft. PII is information such as your Social Security Number, or Driver’s License number. This information often finds its way onto a smartphone and may enable a thief to do serious damage to you.
SIM – Subscriber Identification Module: A removable smart card that stores information such as user identity, location and phone number, contact lists and stored text messages.
SMS: SMS stands for short message service. SMS is also often referred to as texting, sending text messages or text messaging. The service allows for short text messages to be sent from one cell phone to another cell phone or from the Web to another cell phone.
WiFi: Wi-Fi is a wireless standard quite different from the “3G” or “4G” standard used by the telecommunications companies to communicate with your phone/smartphone. WiFi allows a person or a company to set up a local wireless station with a range of about 50 yards, to allow WiFi devices withing that range to connect, and by doing so enable a high speed connection to the Internet. WiFi is used for computers, laptops, gaming consoles, smartphones, TV’s, Blueray players, and a host of other enabled devices, including most smartphones. Wi-Fi connects the guest device to the Internet when within range of a wireless network (WiFi hotspot). WiFi hotspots can be private (protected by a password) or public (available to all local users). The big advantage to the smartphone user is that many times a WiFi hotspot will provide faster connection speeds than using a 3G or 4G connection, and typically there are no data use charges for such a connection. However, you should keep in mind that any WiFi hotspot, whether protected by a password or not, allows transmission of your data in a method which could be captured by another member of that secured network.
What are the benefits of having a smartphone?
Benefits of a smartphone include its size and mobility. These devices are quickly replacing desktop computers for browsing websites, downloading music, checking emails, social networking and even uploading files.
Can my smartphone get a virus like my computer?
Yes. A smartphone runs applications just as a computer would and is, therefore, susceptible to viruses specifically targeting smartphones. The best way to protect yourself from this is to immediately install an anti-virus program on your phone, and to be very cautious about the Apps you choose to install.
What should I do with my smartphone when I am no longer using it?
The information on a smartphone can be accessed even if the phone isn’t being used anymore. When disposing of your smartphone, information needs to be wiped clean from the phones memory and the factory settings restored. If possible, the SIM card should be destroyed unless it is being transferred to another device.
Watch our Hands-On Privacy Videos
Hands-On Privacy with Your Mobile Apps
Hands-On Privacy on Your Mobile Device
Hands-On Privacy on Your Social Media