Smartphone vulnerability is a notorious issue. There’s a plethora of potential problems just waiting to jump put at smartphone users and make their lives a lot more complicated. The amount of personal data that is available to hackers who manage to breach our phones is incredible to imagine – in the pre-smartphone era never has this much information about us been located in one spot, and making us susceptible to all kinds of risks.
Potential weak spots include insecure operating systems, questionable apps that mine personal data, hacking operations, malware, phishing, spy phone apps, identity theft, cybersquatting, and other, less common forms of cybercrime, which are emerging and evolving at a troubling rate.
Apps infected with malware by unfriendly countries, such as Iran, have already been noticed in PlayMarket, AppStore and GitHub, posing an even greater threat, potentially targeting entire countries rather than just the phone owner, or even the company that they work for.
Cyber-surveillance apps, such as Mobogram, which calls itself the ‘best unofficial Telegram fork’ and many others like it, have already been called unsafe by Telegram creators, but are still spreading. This app is supposedly created and monitored by the Iranian governmental authorities, allowing to spy on its users. China is another potential suspect in installing unauthorized spying apps on smartphones, or any other apps, for that matter, considering the fact that an overwhelming majority of smartphones is produced in China.
Operating system comparison
As far as operating systems security goes, Android and Windows Phone rank lower than Apple or Blackberry. The most popular OS in the world with 80% of the market, Android has weak built-in guards against hacking and is targeted most often (as many as 98% of mobile banking attacks are directed at Android users). The reason for Android’s susceptibility is the lack of standardization in software, but a big plus is the chance to customize security settings and build a powerful security system, that is, if you possess the required skills. Windows Phone offers an unstable level of security. Apple offers strong out-of-the-box security, and keeps a tight watch over the apps offered in its AppStore. But it’s been penetrated, i.e. the major Pegasus security breach in August 2017, so it cannot be hailed as entirely secure. Blackberry is well-known for being the gold standard of security, with native data encryption and secure messaging. However, even Blackberry is prone to malware attacks to a certain extent. The bottom line is – no one is safe.
What’s next in smartphone security?
Passwords are known to be easily cracked, so where is the current smartphone security research leading us? One of most promising directions right now entails aspects of biometrics other than fingerprint, facial and iris detection, which are already extensively used. The combination of all three is the most secure, implemented in Galaxy S8 and S8+ phones. The next ones up are sweat analyzers and the straight out-of-science-fiction option which has not been implemented yet, but deserves a mention.
The latter is Neuralink, one of Elon Musk’s ventures, set up two years ago and aiming to directly link the human brain to the smartphone. In this case, unlocking the phone will entail placing it on the top of your head and thinking of some pre-set secret word. It’s hard to imagine this scenario being implemented at any time in the near future, but it’s a curious thought.
As for sweat analyzers, these are closer to reality. Although unique, thumbprints may be replicated, face scans can also be duped, but human secretions are a lot more difficult to fake. The unique combination of chemicals in human sweat may become the next security wall on the way to your personal data. The team at the University of Albany, led by Jan Halamek, thinks that their idea may be realized within 5 to 10 years, provided that manufacturers find it appealing and viable from both the technical and financial point of view.
All of the above are software-related solutions, but there is also research into hardware possibilities that would offer more solid control over the data stored on a smartphone. More precisely, hardware-isolated containers will secure the data, supplementing software encryption and entirely preventing access. Hopefully, security research stays on top of the situation, although it seems that the malicious app developers are always one step ahead, just due to the nature of this fascinating and dangerous game.