Here's a scary question: What would happen if someone stole your smartphone? Is it password-protected? Are you automatically logged in to social media apps and banking apps? Do you download free games and apps without reading the fine print in the user agreement? Could a smartphone thief dive right in to your personal data and collect enough "secret" facts — your Social Security number, birth date, mother's maiden name — to effectively steal your identity? While we're at it, where is your smartphone right now?
If you just found yourself frantically patting down your pockets or digging through your purse, then you might be a prime target for identity theft. According to a 2011 study, smartphone users were a third more likely to be victims of identity fraud than nonusers. Indeed, 7 percent of smartphone users had been actual victims of identity fraud [source: Lipka].
Why? Think of all the ways people use smartphones, a mobile device that's more like a powerful pocket computer than a phone. We use them as mobile wallets and mobile cash registers. We download apps that let us check our bank account balance and write digital checks. We text donations to charities and transfer money to friends. We constantly update our status — where we are and what we're doing — on social media streams like Facebook, Twitter and Instagram. We even store contact information for all of our friends and business contacts right there on the phone, just a finger tap away.
Despite all this easily accessible information, the same study found a whopping 62 percent of smartphone users didn't password-protect their devices and even fewer had the ability to wipe their device's hard drive remotely [source: Lipka].
According to a 2014 Pew Research survey, 90 percent of American adults have a cell phone and 58 percent have a smartphone, a percentage that's sure to increase in the coming years [source: Pew Research]. Keep reading for the dumbest mistakes to make with your smartphone and the smartest security tips for keeping your data and your identity safe.
Biggest Smartphone Security Mistakes
The single worst security mistake you can make with a smartphone is to leave it unprotected. All smartphones allow you to password-protect the "unlock" function. Older Apple iPhones require a four-digit code, while the newer models feature fingerprint recognition. Some Android smartphones allow you to unlock the screen with a series of tap and swipe gestures [source: Chen]. Failing to password protect your phone is like leaving the front door to your house wide open with your wallet and laptop sitting on the kitchen table.
Another foolish move is to remain logged in to banking apps or other online financial accounts like PayPal or Square [source: Levin]. Today's smartphones are so powerful that you can keep multiple apps open at the same time. The danger is that you will log in to your bank account to transfer some money and tap over to IM a friend without ever closing the banking app. If a thief grabs your phone at the right time, it's like finding a signed blank check.
Public WiFi "hotspots" are a boon for mobile Web users. Sending and receiving loads of data over a cellular network can get expensive, but free WiFi is just that — free! When it comes to security, though, you get what you pay for. It's a big mistake to let your smartphone connect to any random available WiFi hotspot. Savvy hackers can spoof a WiFi connection and gain access to usernames and passwords stored on your smartphone [source: Arthur].
The ultimate bonehead smartphone security move is to save all of your critical usernames and passwords in a file on your phone. We know it's hard to remember every password for your online banking app, Amazon and Facebook. But avoid the urge to e-mail yourself a spreadsheet with all of your secret login information and then put "passwords!" as the subject of the e-mail.
Keep reading for more tips on securing your smartphone against identity fraud.
Smartphone Security Tips
Even if you avoid the biggest smartphone security mistakes, you can still leave yourself vulnerable to identity theft. What if you forget your phone at a restaurant, or it gets swiped on the subway? A savvy hacker could crack your password, at which point it's open season on your personal data.
One of the best ways to protect your phone, even when it's lost or stolen, is by using a remote locator app. Apple offers the free Find My iPhone app that not only locates your lost or stolen phone using GPS, but gives you the power to remotely erase all of your personal information from the device. The free Lookout app offers the same remote location, lock and erase service for Android devices [source: Chen].
Even if your smartphone is safely in your pocket, thieves can still use malware — malicious software — to make fraudulent charges to your credit card. According to a 2013 report by security firm Trend Micro, there were over 700,000 different malware apps in circulation for Android smartphones [source: Merz]. Many of the apps disguised themselves as popular gaming and banking apps. Once the app is downloaded, it siphons money from the user by charging for undetected premium-rate texts.
To avoid malware infections, pay close attention to every app that you download, especially free apps. Make sure to only download official apps created by reputable and recognizable companies. Also, closely scan your phone bills for any unexpected texting charges.
If you work with highly sensitive information, or consider your personal information "classified," consider investing in data encryption. Many of the latest Apple and Android smartphones come with built-in data encryption that can only be unlocked by entering the device's passcode. There are also free apps like SecureMemo for Android smartphones that create a locked-down, password-protected file on your phone in which to store sensitive data [source: Chen].
For lots more information about mobile gadgets, identity theft and ways to secure your digital world, check out the related HowStuffWorks links on the next page.
Author's Note: Does a smartphone raise your risk of identity theft?
A few minutes ago, my wife walked in and asked me to register for online access to one of our retirement accounts. Her timing was impeccable. At that exact moment, I was reading an article about how important it is to use different passwords with each of your online accounts. The same article suggested that you change those passwords every year but never write them all down in the same place. So there I was, staring at my billionth login screen trying to choose a unique username and password that I would somehow remember five minutes from now without writing down. Impossible!
That's why I was so excited to hear about apps for your smartphone or computer that allow you to create a password-protected document to store all of those precious online passwords. Even Microsoft Word allows you to password-protect a document. Why didn't I think of that before? Now I can throw away the scrawled list of coded password hints that I keep taped to the underside of my desk. Er, on second thought, pretend you didn't hear that.
- Arthur, Charles and Boggin, Steve. "Wi-Fi security flaw for smartphones puts your credit cards at risk." The Guardian. April 25, 2011 (April 4, 2014) http://www.theguardian.com/technology/2011/apr/25/wifi-security-flaw-smartphones-risk
- Chen, Brian X. "How to Shield Yourself From Smartphone Snoops." The New York Times. April 3, 2013. (April 4, 2014) http://www.nytimes.com/2013/04/04/technology/personaltech/how-to-shield-yourself-from-smartphone-snoops.html
- Levin, Adam. "The 10 Dumbest Risks People Take With Their Smartphones." Credit.com. Jan. 31, 2013. (April 4, 2013) http://blog.credit.com/2013/01/the-10-dumbest-risks-people-take-on-their-smartphones/
- Lipka, Mitch. "Rise in identity fraud tied to smartphone use." Reuters. Feb. 22, 2012. (April 4, 2014) http://www.reuters.com/article/2012/02/22/us-idtheft-javelin-idUSTRE81L16520120222
- Merz, Theo. "Surge in malware on Android smartphone system." The Telegraph. Aug. 6, 2013. (April 4, 2014) http://www.telegraph.co.uk/technology/news/10225511/Surge-in-malware-on-Android-smartphone-system.html
- Pew Research. "Mobile Technology Fact Sheet." January 2014. (April 4, 2014) http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/