Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

When Securing Your Smartphone, Some Options are Better Than Others

When Securing Your Smartphone, Some Options are Better Than Others

Today’s smartphones are equipped with assorted ways that users can authenticate their identity, from the now old-fashioned PIN to basic biometrics. However, while these options are available on a wide range of phones, not all of them are equally secure. Let’s look a bit closer at these authentication measures to find out which is most effective.

Does Mobile Security Really Matter That Much?

In a word: yes.

Look at how much we can accomplish with a mobile device. While we’re used to the capabilities that a smartphone offers, it wasn’t too terribly long ago that these capabilities were unheard of outside of science fiction. It wasn’t until 1996 that practical PDAs came about with the Palm Pilot, followed by Blackberry in 2002 and 2004’s introduction of HTC’s Windows phones that we had a taste of what a “smart” phone would look like. It was only in 2007 that the first generally-agreed-upon smartphone, the iPhone, was released.

Just think about the difference between the devices we have today, compared to those that preceded them. While these so-called “dumb phones” were not devoid of sensitive data by any stretch, they may as well have been in comparison to today’s devices.

Now, there are applications for everything, from money management to medical data to shopping and every other purpose imaginable, many of which contain or regularly access personal data. Therefore, it is so important for these devices to be secured… the method by which a user can unlock the device being just one tiny facet of these security needs.

Evaluating Your Authentication Options

Nowadays, the authentication options present on mobile devices are designed to combine the needed security with the convenience of the user. Yet, since they aren’t all equally effective at securing the device, you need to be selective about the authentication method you use.

Let’s go over the options your device may offer and see which one is the best for your security.

Passcodes/PINs/Passwords

We’re all familiar with these authentication measures, as they’re generally the baseline authentication measure for any device, including mobile devices. They also help prevent other authentication proofs from being put in place without the user’s approval. While these security measures are far from impenetrable, they are secure enough to serve as the basis for sufficient security. This is, of course, provided that the user is responsible when they set them.

That said, many users don’t act responsibly as they should, leaving their mobile devices relatively insecure. A study conducted in 2012 revealed that the PINs people used were often of personal significance to them, were composed of repeated digits, or (most amusingly) featured the number 69. Other common numbers were those that could easily be typed in sequence, like 1234, 7890, and the like.

Another study showed that increasing the length of the PIN from four numbers to six rarely added any security benefits, again because of the user. Apparently, the added length makes the user feel more secure by default, and by doing so, gives them the comfort to slack off in how secure their PIN is.

Naturally, assuming the user has the patience to retype their password each time the device locks, this option is more secure than a PIN. Regardless, these options are generally accepted as the most secure option right now.

Biometrics

Thanks to the hardware and software that our devices now support, users can now use their physical attributes to confirm their identity, as biometric authentication has risen in popularity. Naturally, the different methods that make up biometric authentication aren’t as consistent as many would assume.

Fingerprint Sensors: The first phone to have a fingerprint sensor—the Pantech GI100—first launched in 2004, and with the Toshiba G500, the fingerprint sensor became a mainstream inclusion on smartphones. This isn’t expected to change, with projections predicting that 90 percent of devices will still have a fingerprint sensor in 2023, as compared to 95 percent in 2018.

Fingerprint sensors come in many kinds, which does impact their security somewhat. For example, Samsung has started to incorporate sensors under the screen to enable a three-dimensional image to be captured. However, this inherently secure technology can be undermined using a screen protector, as the screen protector can actually lead to any fingerprint being accepted. There is also the concern that fingerprints can be harvested from another source and transplanted to the device to unlock it, so the user needs to prioritize making sure their device is properly acclimated to their unique print.

Iris Scanning: Currently, iris scanning is seen as the most secure biometric authentication, as the iris is even more unique than a fingerprint. While these capabilities are currently present in many devices, many users don’t use them. This is generally because it takes longer to scan the iris, as the user must direct their gaze to the sensor.

Facial Recognition: Fingerprint recognition has begun to be replaced by facial recognition capabilities, particularly with the rising prevalence of full screen displays. With a decent software installed and a good set of reference data, facial recognition can make unlocking a device effectively effortless. However, that’s assuming that the software is good and that the reference images are good. If these images have blights like glare on them, it is harder for a user to unlock and easier for a hacker to crack.

Pattern Passwords/Knock Codes

Finally, we’ve come to the least secure option of all. Many Android devices offer the user the option to tap a pattern of their choosing on a grid to unlock their device. Multiple studies have disproven the security of this method, simply because it isn’t too challenging to figure out a user’s pattern.

In one study, it was found that 65 percent of the 351 participants involved created a code that followed Westernized reading patterns, starting at the top-left and progressing to the top-right. Increasing the size of the grid only led to users selecting shorter patterns. Many patterns proved common amongst the participants as well:

  1. An hourglass: top left, top right, bottom left, bottom right, top left, top right
  2. A square: Top left, top right, bottom right, bottom left, top left, top right
  3. The number seven: Top left, top left, top right, top right, bottom left, bottom left

To top it all off, the researchers found that knock codes were rapidly forgotten. 10 percent of the participants had forgotten their selected code by the time the 10-minute study was over. Plus, they’re slower: knock codes took five seconds to input, while a PIN takes four and a half.

Don’t Skip Securing Your Mobile Device

If you’ve made it this far, you’re likely a smartphone user, and as such, it plays an important part in both your professional and personal life. As you have probably gathered, you can’t afford to short-change any aspect of your security, down to the way you unlock your mobile device.

Central Technology Solutions can assist you in ensuring your business’ technology is adequate for your purposes, and that it has the necessary protections surrounding it. To learn more about our services, reach out to our team at 1-844-237-4300 today.

Your Business Needs a Well-Structured Mobile Devic...
Tip of the Week: Two Kinds of Best Practices for R...
 

By accepting you will be accessing a service provided by a third-party external to https://www.centraltechnologysolutions.com/

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Productivity Cloud Data Privacy Hosted Solutions Network Security IT Services Data Backup Email Internet Malware Hackers Efficiency IT Support Software Business Innovation Outsourced IT Microsoft Data Recovery Hardware Mobile Devices Productivity Computer Google Managed IT Services Business Continuity Smartphone Small Business Cybersecurity Upgrade IT Support Backup Collaboration Cloud Computing Phishing Ransomware Disaster Recovery User Tips Communication Workplace Tips Business Management Tech Term Mobile Device VoIP Managed Service Provider Managed IT Services Android Windows 10 Internet of Things Managed Service Smartphones Data Management Social Media Paperless Office Quick Tips communications Browser Encryption Remote Monitoring Facebook Network Saving Money Managed IT Server Save Money BDR Office 365 Covid-19 Windows 10 Artificial Intelligence Windows Miscellaneous Business Technology Virtualization Remote Work Help Desk Wi-Fi BYOD Users Compliance Risk Management Holiday Apps Document Management Passwords App Training Healthcare Chrome Windows 7 Vendor Management Health Office Password Government Microsoft Office Analytics Mobile Device Management Automation Avoiding Downtime Employer-Employee Relationship Big Data Money Robot Bring Your Own Device Data Security Going Green Bandwidth Blockchain Laptops Unified Threat Management Recovery Content Filtering Gmail Firewall Applications Antivirus Project Management Gadgets Infrastructure Two-factor Authentication Mobility Data storage Computing Data loss Vulnerability File Sharing SaaS Telephone Systems Information Technology Processor Regulations Hosted Solution Files Wireless Website Information Computers Storage IT Management Redundancy Tip of the week Scam Apple Social Customer Service Proactive VPN Software as a Service Router Virtual Reality Employee-Employer Relationship Customer Relationship Management Machine Learning Unified Communications Maintenance Virtual Private Network OneDrive Tablet Budget Downtime Meetings Printing IT Service Operating System Hard Drive IoT Access Control Remote Computing Mobile Office Politics Settings Company Culture Work/Life Balance RMM Flexibility Social Network Dark Web Instant Messaging Hacker Augmented Reality Data Storage Solid State Drive Time Management Networking Current Events The Internet of Things Patch Management Wireless Technology Legal File Management Managed Services Provider Upgrades Payment Cards Management Smart Technology Data Breach Remote Monitoring and Management Twitter Spam Network Management Net Neutrality Co-Managed IT YouTube Display Remote Workers WiFi Assessment Bitcoin End of Support Server Management How To Internet Exlporer Professional Services Managed Services Consultation Outlook Monitors Uninterrupted Power Supply Mouse HIPAA Administration Private Cloud LiFi Electronic Medical Records Cooperation Education Alert Electronic Health Records Mobile Security Tech Support Google Drive Employees Word Search Remote Worker Monitoring IT solutions Digital Payment Business Growth How To Samsung Recycling Websites Identity Theft Mobile Computing Licensing Chromebook Utility Computing Consulting Sports Public Cloud Teamwork Backups Managing Stress Motherboard Law Enforcement Drones Return on Investment Downloads OneNote Marketing Notifications Firefox Database Sensors eWaste Cyber Monday Read Only Buisness technology services provider Heating/Cooling IT Consulting Deep Learning Travel Database Management Shadow IT User Error Language Tech Terms Laptop Black Market Botnet Mobile Device Managment Options Software Tips Holidays Cables Backup and Disaster Recovery Smart Tech Writing Emoji WannaCry Notes Migration Automobile Shared resources Computer Care Windows Server 2008 Enterprise Content Management Data Warehousing Finance Network Congestion Hacking Gadget Alt Codes Active Directory Operations CRM Cryptocurrency Voice over Internet Protocol Technology Assurance Group ’s 18 Computer Repair Servers GDPR Outsourcing Computing Infrastructure Theft Remote Working Physical Security 5G IT Wires Human Error Retail Cortana PowerPoint GPS Value of Managed Services Cost Management Technology Tips E-Commerce Chatbots Hacks Vulnerabilities Microsoft Excel Authentication Modem Disaster Trending Typing Windows Server Connectivity Multi-Factor Security Wearable Technology Remote 3D Printing Supercomputer Telephone Enterprise Resource Planning Distributed Denial of Service Bookmarks Annual Convention Technology Laws Crowdsourcing Best Practice Video Conferencing Printer WPA3 Alerts Financial Processors Mail Merge Features Identity Office Tips Touchscreen Techology G Suite Wireless Internet History Business Telephone Permission VoIP Sponsor Tracking Comparison Lenovo Manufacturing Google Maps Optimization Geography Authorization Cookies Update Security Cameras Taxes User Management Google Calendar Banking Unsupported Software Virus Windows 8 Transportation IT Budget Save Time Mobile VoIP Mobile Managed IT Service Favorites San Diego Statistics Biometric Fleet Tracking Procurement Peripheral Address Cache Specifications Disaster Resistance Employer/Employee Relationships Cabling IT Assessment Test Virtual Desktop Social Engineering USB Digital Obstacle Identities Virtual Assistant Vendor Superfish Hard Disk Drives Virtual Machines High-Speed Internet Permissions Nanotechnology Batteries Star Wars Legislation IT Technicians Mobile Data Cyber security Break Fix Conferencing Social Networking Bluetooth Point of Sale Google Wallet Projects Gamification SharePoint Asset Tracking Staff PCI DSS Smart Devices Black Friday Cyberattacks Roanoke — Central Technology Solutions Dark Data Personal Information Proactive IT Cybercrime Proactive Maintenance Digitize Unified Threat Management MSP Hotspot Outsource IT Safety Spyware Course Hard Drives Wasting Time Google Docs Sync Solid State Drives Humor Credit Cards Development Fraud Zero-Day Threat Screen Reader Shortcut Telephony ROI Mirgation Web Server Cameras Emergency Printers Motion Sickness CrashOverride Administrator CCTV Relocation Webcam Regulation IT Consultant Error Students Hard Disk Drive