Recently, a very close acquaintance of mine had his mobile phone stolen and had to get a new one. Luckily, he was smart enough to immediately block it and he already had two-factor authentication set up on another device, so his data was well protected and there wasn't much the thief could do.
Now, this acquaintance is a very smart person and not someone who forgets things easily, which just goes to show you that things like these can happen to anyone.
In fact, in a 2014 Phone Theft in America report, the United States Federal Communications Commission (FCC) said that most (44%) were stolen because their owner left the device behind in a public setting, while 14% and 11% respectively were stolen in a burglary or directly off the person (in a mugging).
The consequences of such a theft are, of course, serious and 12% reported experiencing fraudulent charges on their accounts, 10% loss of company data, while 9% were victims of identity theft.
In another report, this one by Consumer Reports mobile phone thefts nearly doubled between 2012 (1.6 million) and 2013 (3.1 million) in the US.
Android as the Most Targeted Mobile Platform by Cyber Attackers
This just accounts for stolen or lost mobile devices. In addition, as an Android device owner, you also have to worry about cyberattacks and hacks.
Android is by far the most widely used mobile operating system with a 71.9% global market share, ahead of iOS with 27.33%, while others like Samsung, KaiOS and Linux don't even reach 1% together, according to Stats Counter.
With such a huge margin in its favor, it should come as no surprise that Android is also the most targeted mobile platform by hackers and cybercriminals.
As such, it's important to know these next 15 ways for better Android device protection:
1. Lock Your Screen
One reason why the thief wasn't able to swipe everything from my acquaintance's phone was the fact that he locked his screen.
This is one of the very first things you should do when you buy a new mobile, if for nothing else, then to stop that one friend that likes to look at everyone's phone (we all have one like that).
Locking your screen is really easy to do and it takes just a few moments, but it pays great dividends for your Android device protection. You can set it up as a pattern (probably favorite of many), PIN (which I prefer), password, or a biometric like a face or iris scan.
To set this up go to:
- Security and privacy
- Lock screen password
- Change lock screen password
- Enter lock screen password
Why did we recommend a PIN/password and not the "cooler" biometric options?
Well, first of all, personally I find biometric to tend to be a little iffy and not always work properly (sometimes it takes two or three tries for the device to recognize them).
More importantly, however, whatever option you select to lock your screen with, this gets stored as data somewhere. Which also means that it can get stolen. You can easily change a password or a PIN (and in fact, you should from time to time), but you can't change your biometrics (at least not yet).
2. Encrypt Your Device
A PIN or a password is a good way to secure your phone from an average thief, but against a determined and skilled hacker, it will only get you so far.
Every password can be cracked given enough time and information to go on, so don't rely solely on the fact that you've locked your screen. If you have sensitive data on your phone (and you do, let's be clear), be sure to protect it by encrypting your Android device.
This will scramble all your data into an unreadable format without decrypting it first with either a secret key that only you know, or a password.
An even bigger reason why you'll want to encrypt your device is to protect it against backdoor attacks by the government.
For instance, in 2020, US senators Tom Cotton and Marsha Blackburn, alongside Senate Judiciary Chairman Lindsey Graham, introduced "The Lawful Access to Encrypted Data Act", which basically gives easier access to devices to government agencies (it makes it easier for them to hack your device).
This should give you enough reason to encrypt your device, but how can you do that?
From Android 5.0 and above, you have the full-disk encryption option. Depending on your Android version or phone model, the options may look different for you. I'm using a Huawei phone with Android 9.0.
- First, back up your files
Before you do anything, be sure to first back up your device in case something goes wrong.
- Make sure your battery is fully charged
Encrypting your Android device is not a quick process and you don't want to interrupt it because you run out of battery.
Be sure to fully charge your battery before you start as often Android won't let you even begin if your device is not charged at least 80%.
Go to "Settings" and in the next screen, tap "Security and Privacy"
In "Security and Privacy", tap "More Settings" option (depending on the size of your screen you might have to scroll down a bit
- Once in "More Settings", find "Encryption and Credentials" and tap this option to open it
- Select the "Encrypt Phone" option from the menu
- You should get an explanation of what is going to happen next in case you decide not to go with it and that you need to unlock your screen, so if you want to proceed, do this now and then tap "Encrypt Phone"
- Now we wait. This will take a while, so let your phone be while it encrypts and go do some other stuff like read a book, watch a TV show or an MMA match. In an hour or so your phone should be done with encrypting itself.
3. Set up Find my Device
Even though this might give Google your whereabouts, in case your device gets stolen or is lost in a runaway taxi, it could prove crucial to retrieving it quickly.
This option will link your phone to your Google account and allow you to manage it remotely, thus improving your Android device protection as long as it is connected to the Internet.
To set Find my Device go to:
Under "Services" tap "Security"
Tap "Find My Device." This should be the first option in the next menu
- In the "Find My Device" window make sure the option is "On."
Here, you have several ways to locate your Android device (just like the screen says). Make sure that your Location is also on. Otherwise, you won't be able to find your device:
With a Find My Device app downloaded from Google Play
By visiting Android.com/findmydevice
3. Or, searching "Find My Device" on Google
4. Hide Your Notifications
This is an easy option to set up, but a lot of people forget about it. The result could be that someone stealing your phone or just picking it up when you're not around could see your alerts, message previews, contacts and more.
To hide your notifications go to:
- Lock screen notifications
Once here, you'll have three options: "Show", "Do not show" and "Show but hide contents."
Pick whichever of the latter two works for you.
5. Check Your App Permissions
Have you noticed that almost every app you want to download from the app store asks you for a dozen or so permissions, like access to your contacts, calendar, other apps, phone calls, microphone, camera and so on?
Here are all the permissions apps might ask of you:
Did you ever wonder why some of them need many of these permissions? Does a barcode scanner need access to your contacts or phone calls or a PDF reader access to your location?
They don't so it's probably a good idea to cancel their permissions (even though they'll scream at you that "they need this in order to function properly").
To set app permissions go to:
- Go to Apps. You'll have two options:
- Set permissions for individual apps by selecting Apps, or
- Go to Permissions and set individual permissions for apps by ticking the on/off slider
Finally, if you feel that an app is asking for too many permissions, that's not a good sign and you should look for an alternative that won't invade your privacy as much.
6. Look for Privacy-Focused Apps
Speaking of privacy-focused apps, you should make them the default on your Android.
Default Android apps are the ones that automatically open when you, for example, open your email or browser. For instance, on Android phones, Google is the default browser, but you should replace it with a more privacy-focused browser.
On Android, you might want to check DuckDuckGo or Firefox Focus, which are both free.
To change your default app, like a browser on Android, you need to:
- Go to "Settings"
- Tap "Apps"
- Select "Default apps"
- In the next list, select an action that you want to change the default app for. Let's say you want to change the default browser. Ignore the "tip."
7. Only Install from Known Sources
One of the things Android has (smartly) inherited from Linux is only letting you download from "approved" Android developers and this should already be the default setting on your device.
But, just in case it isn't, or you're not sure if it is the case, you can check by:
- Going to "Settings"
- Then, "More settings"
- Next, tap "Install apps from external sources" (this could also be named "Install apps from unknown sources" or "Install unknown apps" depending on your phone
- Select a source and where it says "Allow app installs", tick the slider to the "off" (gray) position
8. Uninstall Apps You Don't Need
If you haven't used an app in a while and it is just sitting there, you should uninstall it.
The problem with excess apps isn't so much that they clog space and resources on your device needlessly, which they do.
They are also a potential privacy and security issue in that they might:
- Send data they secretly collect from you to 3rd parties without your knowledge or consent (for example advertisers), or
- Pick up something from the Internet, i.e. malware, that might negatively affect your device
This actually lines up perfectly with a previous point that we made and that was to disable permissions for certain apps, but it goes a bit further as some apps might still collect data even if you "disabled" certain permissions for them.
9. Go Easy on Cloud Syncing
For many apps, like Viber for instance, syncing data to the cloud is necessary for their functionality. The problem is that this data is also a potential target for hackers and you should limit cloud syncing to a necessary minimum.
To disable cloud sync for apps that don't really need it:
- Go to "Settings"
- Tap on your "Account"
- Select "Cloud"
- Under "Apps using the cloud" select/deselect apps you want/don't want to use the cloud
10. Use a Virtual Private Network
A Virtual Private Network, or VPN, is a great way to prevent your ISP and others to track what websites you're visiting or what you're downloading on your Android device
Because they will definitely do this.
What a VPN does is route your traffic through one of its own servers (only use VPN providers that have several servers), instead of your real location.
This will hide your actual Internet Protocol (IP) address and will instead replace it with that of the VPN server, so a website or someone else that wants to track you will see the VPN's IP instead.
One thing to keep in mind when it comes to choosing a VPN is that some will keep logs, so be sure to use the one that doesn't do this. Some good options include NordVPN, ExpressVPN, IP Vanish, etc.
11. Use a Non-Google Android Version
The default Android is in large part developed and sponsored by Google and it shares data with the big tech company.
However, you don't have to use Google's version of Android and can instead opt for a non-Google Android. That's the beauty of Android being an open-source OS (though with some proprietary parts like Google Play).
For instance, you can install and try Lineage OS. This is a Google Android fork that has been stripped off pretty much all Google services.
Before you download, be sure to carefully read the installation guides for your device (you can find the list of devices on the left-hand menu.
12. Keep Your Device and Software Up-to-Date
This one is pretty obvious and will do wonders for your Android device protection and yet so many people neglect it.
Always make sure that your software is up-to-date. If you don't regularly update your device you leave it vulnerable to hackers.
To check if your phone is up-to-date:
- Go to "Settings"
- Tap "System"
- Select "Software update"
- Press "Check for updates"
13. Use Encrypted Messaging Services
Luckily, there are several alternatives that will do a much better job at protecting your privacy than the Facebook-owned WhatsApp and that offer end-to-end encryption such as:
14. Stay Away from Google's Data Protection
Google, of course, will claim that it is "committed" to preserving your privacy. That's simply not the case and the only reason they do this is that they don't want to get into too much trouble with the regulators.
Instead, the company will happily use its monopoly status to exploit your data at every turn.
Well, you can limit, if not completely put a cork in how much data Google is collecting from your device by going to your phone's settings and then activity controls (or something similar), where you can set what data Google can or can't collect.
15. Use an Encrypted Email Service on Your Android
Finally, we can't end this Android privacy guide without recommending the use of an encrypted email service instead of the default email like Gmail.
You can download Liverado for Android via the Google Play app store on your phone and enjoy private communication without prying eyes on your Android device.
*How to set up a firewall on Android?*
To set up a firewall on Android, you will need to install an app first, like NoRoot Firewall. This app will disable Internet access to apps by default and will show under the "pending access" tab if an app is looking to access the Internet, which you can grant by tapping on the "Allow" button next to it.
*How to secure my Android phone?*
To secure your Android phone or tablet make sure to use on-device encryption, set a strong password or PIN, enable 2FA and also set app permissions (especially for location, contacts and phone calls).
*How to secure Android phone from hackers?*
To secure your Android from hackers follow these simple steps: A. Lock your screen B. Keep the device and software updated C. Disable unnecessary app permissions D. Uninstall apps you don't use E. Enable 2FA F. Turn off Bluetooth in public (unless you're not using it actively) G. Use a VPN H. Install security and privacy apps I. Monitor your Android security
That's it. We told you a couple (15 actually) ways to keep your Android phone or tablet more secure against prying eyes and to increase your privacy. We hope you take this lesson to heart and enjoy your privacy on Android even more.