Biometric, PIN, or Password – What’s the Safest Way to Lock Your Smartphone? It Starts with the Realization that You Need to Secure a Phone
The safest way to lock your smartphone starts with the realization that you actually need to secure your electronic devices. The best way to lock your smartphone isn’t just to keep your spouse or parents from spying, but also to protect your money and messages in the event your phone is lost or hacked.
Our phones are devices we use daily if not hourly. Phones and the apps installed on them, contain personal photos, videos, logins to our bank accounts, and saved passwords. Many mobile devices are synced with our computers or laptops at home so if a phone was hacked a lot of personal information could be stolen.
Using no log-in protection at all is obviously the worst thing to do and does not protect your smartphone at all. Anyone can pick up your phone and start using it.
Biometric login is one of the safest ways to lock your smartphone. With biometric login, your body is the password. Fingerprint scans, facial recognition, and eye scans are all forms of biometric login. While using biometrics is definitely more secure than using a swipe or password there are differences in safety and security for each method.
Fingerprint scans are a type of biometric login that can secure your phone and any app that can also access the fingerprints stored on your phone. To start using fingerprints as a way to authenticate login credentials, you’ll have to scan fingerprints from each hand. If you don’t have a newer mobile device or laptop that support fingerprint scans, then consider upgrading to a new phone or new laptop that does.
Fingerprint scans are not perfect though, and like facial recognition, sometimes simple means has defeated fingerprints.
Facial recognition is at the top of privacy concerns lately as it adds a layer of security but imposes upon people’s privacy. Often people don’t know (because they were never informed) that their faces are being scanned and analyzed. Their images are being recorded and data about them stored in databases shared by police agencies.
The US Department of Homeland Security uses facial recognition as a way to positively identify people at airports and allow them to use their facial scans as boarding passes and security clearance. But there are different levels of facial recognition, quality of cameras, and capability of the software that analyses people’s faces. The facial recognition app used to lock your smartphone is nowhere near the advanced technology used by border agents at airports and bridges.
If you use a mobile wallet to pay for purchases online or in stores, your eWallet (mobile digital wallet) may require that you use either facial recognition or a fingerprint scans to secure your device. An eWallet like Apple Pay or Samsung Pay must be secured with biometrics to protect the payment information on them.
Mobile wallets are a superior way to protect your money at pay at point-of-sale terminals. The merchant does not ever see or receive your full payment card numbers which makes transactions more secure for shoppers. The transaction is authorized with a one-use token which protects money from fraudsters. A PIN, password, or swipe are not secure enough and not accepted as a form of authentication by many eWallets.
RELATED READ: 10 Cyber Security Tips for Business Travelers
An authenticator app like Google Authenticator stores a passcode or token associated with the device or app on your phone. When you use any authenticator app, after you log in with your usual username and password, you will be asked to check for a code listed in the authenticator app. The authenticator supplies one-third of the credential needed to login to the device. Of course, your phone, tablet, laptop, or app must support using an Authenticator app.
Swiping is one of the least safe ways to lock your smartphone. After all, there are only nine digits on a smartphone keypad so there are only so many combinations for a swipe unlock pattern. All combinations can be calculated with a simple spreadsheet. The majority of swipe combinations begin in the upper left-hand corner, making it even easier to take guesses at what combination will unlock any phone. Making swiping as a way to lock your smartphone even less secure is a fact that if anyone in visual range of your phone may see the swipe pattern. It’s pretty easy to repeat it.
Passwords are a reasonably safe way to lock a smartphone as long as the password is difficult to guess and unique to that device. The majority of people reuse passwords on at least one or more device or online account. That means if a hacker is able to gain access to one of your passwords, that information may likely unlock login credentials to a variety of other apps or devices connected to the same user.
Each year a list of the top one hundred thousand most common passwords is published. It never fails that extremely simple passwords like password123 and consecutive numbers make the list of common passwords. Hackers use online collections of dictionary words, common passwords, sports teams, cities, bands, and favorite foods and use them to brute force their way into online accounts using computer code.
That’s why it’s important to generate a unique and super strong password for every device and online account. If you can’t remember a unique password for each device and app (most of us can’t) then use a password generator and password vault to create strong passwords and remember them for you.
Two-factor authentication, or 2FA, requires a second form of login information to gain access to a device or an app. An example of using 2FA to lock a laptop would be requiring the insertion of a key fob into a laptop USB port after the password is entered. To safely lock a smartphone using 2FA would require a fingerprint scan and a password or some other combination up to factors.
Using 2FA offers a safe way to lock down a smartphone. However, it doesn’t guarantee that the person logging in is the actual authorized device user.
Multi Factor Authentication
Multi-factor Authentication is a safe way to lock your phone and uses the same methodology as two-factor authentication but adds one or more steps requirements to the login process. For example, multi-factor authentication may have to use a fingerprint scan, a password, and an authenticator to gain access to a device. It doesn’t necessarily matter which form of authentication is used. To make it the safest way to lock your smartphone, a combination of facial recognition, fingerprint scanning, and an authenticator app can lock the phone securely.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers