How to Secure an Android Phone
Keep Your Phone Secure
The Android OS is very popular these days, and many people have Android phones. There are multiple things you can do to keep your Android device secure, and in this article, I explain what they are.
Table of Contents
- Secure Your Phone With a Lock Screen
- Other Things to Lock
- Use Encryption
- Be Careful When Connecting Your Phone to a Computer
- Keep Your Phone up to Date
- Use Google Play
- Google Play Is Not Perfect
- Is It Safe to Install Apps from APKs?
- There Are Safe Ways to Get APKs
- What About Pirating Games and Applications?
- Why You Should Keep Your Google Account Secure
- Other Options to Keep Your Google Account Secure
- Do You Need an Antivirus Software on Android?
- Do You Need to Use a VPN on Android?
- Is Rooting an Android Phone Safe?
- Do You Root Your Android Phone?
- Is Using a Custom ROM Safe?
- Recap of How to Avoid Malware on Android
Secure Your Phone With a Lock Screen
Use a Lock Screen
Secure your lock screen with a password, pattern, or a pin. Passwords are the most secure but harder to remember, and I use a pin myself.
Use Hardware Security
If your device has the right hardware, you can use it to unlock your phone a well. For example, my current phone, the LG V20, has a fingerprint reader, and I use it all the time. Some newer phones can unlock the screen using your face.
Other Things to Lock
Lock Important Applications
Secure applications with a pin or fingerprint as well, as doing this adds an extra layer of security and privacy.
Password Protect Purchases
I also recommend making purchases that need a password or fingerprint to confirm them. Even if you do not share your device, I recommend doing this, as this will help prevent accidental purchases.
Encrypt Your Phone
Encrypting your phone is another way to secure it from threats. Doing this will make sure the data is very secure as without your password nobody will be able to access your phone.
Encrypt Your SD Card
You can also encrypt an SD card, and if you do this, you must use the SD card inside your phone to transfer files with a USB cable.
New Phones Are Encrypted Already
Some newer phones come already encrypted, and my current Android smartphone was.
Be Careful When Connecting Your Phone to a Computer
When using a USB cable to connect a phone to a computer make sure you select the right option. Only use transfer files when you need to do so. Otherwise, use the phone charging option.
Keep Your Phone up to Date
Download All Updates
Whenever your phone gets updates, download these as soon as possible, as most security updates fix exploits. You can avoid many issues Android has by updating your device, and I recommend downloading security updates as soon as possible.
When Not to Update
Only refuse to update to a new version of Android if you know some applications you use daily does not work yet. Also, know if you test betas or developer previews of Android there may be bugs and I do not recommend doing this.
Use Google Play
Be Careful About What Apps You Download
The first line of Android defense is to be careful what applications you use on your phone. I recommend downloading applications from Google Play.
Google Play Is Safe
Google Play does a great job at filtering out bad applications, and hopefully, you will never see any.
Google Play Is Not Perfect
There Is Malware on Google Play
Google Play is not perfect though, and sometimes there are cases of malware in the store.
Google Play Malware Examples
Be Careful of Using Unknown Apps
In most cases, these bad applications all have something in common. Unknown developers make these applications, and they normally are very basic.
Applications like file cleaners, flashlights, and music players are some examples. You will have to dig deep into Google Play most of the time to find these applications.
Use Applications from Well Known Developers
My recommendation is to download applications from well-known developers. Anything on the top charts and applications most people recommend will be safe. I am not saying all small, and new developers are untrustworthy, but remember to be careful.
Is It Safe to Install Apps from APKs?
What Are APKs?
Android application packages (APK) store Android software and these files install new applications. To install applications from APKs, you will need to enable an option to install from external files.
Be Careful When Using APKs
You need to be careful when installing files using APKs and you need to make sure what you are installing is safe.
There Are Safe Ways to Get APKs
Not All APKs Are Bad
There are safe places to download APKs, and a website like APK Mirror is trustworthy.
APKs Let You Download Apps You Can't Get Normally
In some cases, Google Play blocks people from downloading certain applications. The application may still run on a phone, so people download and install the application anyways.
You sideload applications when you download and install them this way.
Some Developers Distribute Outside Google Play
Some developers sell and distribute applications on their own websites. Google does sometimes block useful software from being on Google Play for various reasons.
Other App Stores
A great example of an application store other than Google Play is F-Droid. F-Droid is an open source software store, and open source software is very trustworthy because people can verify that an application is safe to use.
What About Pirating Games and Applications?
People Pirate Apps Often on Android
Piracy on Android is high, and there are many ways to download and install paid applications for free.
You Should Support Developers
Supporting developers is in everybody's best interests. I am not going to argue over the morality of piracy as people will do what they feel is best.
Pirate Apps May Give You Malware
I want people to know the risks and to be careful. I won't lie and tell you that all pirated software is bad and will give you malware as this is not true.
Yet there is no 100% way of knowing what pirates have changed in the free version of applications they offer, and there is a chance of getting malware.
Unless you have 100% faith in pirates, you will always be at risk when downloading free android applications this way.
I Do Not Recommend Using Pirate Apps
I know there are applications out there that run well and do what they promise, but due to even the slightest chance of malware, I can't recommend using these applications.
This article by Android Central goes over these issues in more detail, and I recommend reading it.
Why You Should Keep Your Google Account Secure
Your Google Account Is the Most Important Account
On Android, your Google account is the most important one to secure. Your Google account holds all your data and any applications, books, and movies you buy from Google Play.
When you first turn on an Android phone one of the first things you do is create a Google Account or use an old one to sign in.
Use a Strong Password
Make sure you use a strong password. Make a password with at least six characters and use special characters and numbers. Using a weak password is dangerous.
Use a Password Manager
I recommend storing your passwords with a password manager. I am currently using Bitwarden because it is open source and free, but there are other decent options. Secure your password manager with two-factor authentication to be extra safe.
Other Options to Keep Your Google Account Secure
Have a Back Email Address
Make sure you have a backup email address to use and give Google your phone number. You use these methods to verify yourself when you are having issues with logging into your account.
Use the Google Security Checkup
Occasionally, run the Google account security checkup tool as well.
Use a Mobile Authenticator
Why Use Two-Factor Authentication?
With two factor authentication, it is a lot harder for an intruder to get access to your account. Intruders will need to be able to generate the codes tied to your device to log into your account.
Using two-factor authentication is one easy action everybody can take to make their accounts much more secure.
Do You Need an Antivirus Software on Android?
If an antivirus does not have a huge impact on performance, there is nothing wrong with having one. This guide from Tom's Hardware is a good read and goes over options to choose from.
Do You Need to Use a VPN on Android?
What Is a VPN?
A virtual private network (VPN) is an optional way to secure your phone when you are using an unknown Wi-Fi connection.
Some people also use VPNs because of geographic restrictions and in some cases restrictions their countries government sets on internet usage.
Use Safer Wi-Fi
Do I recommend using a VPN? If you want to be safe when using unknown internet connections, a VPN is a way to be safer.
Is Rooting an Android Phone Safe?
Why Use Root?
Some people use Root because they want full control of their phone and there are some applications that require it.
Using Root Could Be More Dangerous
Rooting an Android phone is the equivalent of using a Linux operating system as the superuser. You will be much more open to malware and external threats, and you will need to really know what you are doing to stay safe.
Also because of SafetyNet, some games and applications will refuse to run on phones that detected as being rooted. Pokemon GO and Google Pay are a few examples.
Magisk is a more modern way to root phones. Using Magisk fixes a lot of the previous issues Root users had. With Magisk installed correctly, you will not have SaftyNet issues, and everything runs great. If you do Root your phone, I would use Magisk.
Do You Root Your Android Phone?
Is Using a Custom ROM Safe?
Custom ROMs Are Safe
Custom are ROMs are safe, and in fact, some have even more privacy and security features than standard Android. LineageOS is an example of a very popular custom ROM.
Use Custom ROMs to Keep Old Phones up to Date
Custom ROMs are ways to keep older phones up to date and to also get certain features and settings not found on normal Android OS.
Do Some Research
Make sure to do some research about custom ROMs before trying anything. You need to be sure your device supports custom ROMs and make sure there is a way to install them.
Be sure you 100% understand what you need to do as there is even a higher chance of bricking your phone, and I would not recommend using custom ROMs to the average user.
Google Apps May Be Missing
In some cases, you will need to install Gapps (The Google Play store and other related applications) separately.
Missing Features on Custom ROMs
Your phone may also have missing features or weird issues depending on the custom ROM you are using and who maintains the versions.
Recap of How to Avoid Malware on Android
- Download applications from Google Play or 100% verified safe sources.
- Do not install applications from APK files unless the application is 100% verified safe.
- Avoid downloading pirated applications and applications from unsafe and unverified sources.
- Use a password manager and two-factor authentication to protect your online accounts.
This content is accurate and true to the best of the author’s knowledge and is not meant to substitute for formal and individualized advice from a qualified professional.
Questions & Answers
What should I do if I get strange security notifications from Google?
If you are getting unknown security confirmations on Google, then your account is most likely compromised. I would go to the Google Account security page and change your password as soon as possible.
I would also check and see what devices you are logged into. Sign out of any devices you don't recognize.
© 2018 Eric Farmer