How to secure your Android phone? If that’s what you’re asking, you’re at the right place.
Did you know Android despite being the world leader in mobile apps, is open-source and extremely vulnerable?
In this piece, I’ve shared over 15 different ways you can add security to your Android device. And yes, most of those are 100% free and in-built on your Android device.
Most of these settings pre-exist on your device. You don’t know or use them.
You’ll not just learn steps to secure your device, but also to find it if lost, block access and be a more private individual overall.
Let’s get started then?
What are you Securing Against?
Before I teach you how to secure an Android phone, you need to know what you’re securing “against”, right?
Now, there are two major threats you need to be aware of.
- Threat from hackers, viruses, thieves etc.
- Threat from your govt. and ISP.
The first kind of threat is easier to handle. You turn a few features on or off and that limits their accessibility to your device.
The second kind of threat is a bit more complicated. To protect yourself from your govt. and your ISP, you need to go the extra mile.
Did you know your ISP knows everything about you? Your website visits, food interests, purchases, transactions and everything else. In fact, ISPs often throttle your speed for benefits to their partner sites or other reasons.
In this piece, I’ll cover how to secure your Android phone on both the fronts.
Use a VPN
I say this for every device on the planet- USE A VPN! Yes, for your computer, router, TV and obviously, phone.
The VPN basically breaks the biggest and most identifiable link between you and your internet activities, Your IP address.
Whatever you do online, creating an account, making a purchase, watching a video, everything is linked to you. It takes seconds to find exactly who performed a specific action on the web.
A VPN prevents that. It hides your actual IP address, and provides you with a new IP address that you use.
This IP address isn’t “yours” and is that of the VPN. Hence, any trace leads back to the VPN and not to you.
Reputed VPNs like NordVPN also have an independently verified and audited no log policy. So, even when forced, they can not reveal your identity or details.
The VPN also lets you access otherwise restricted content/websites/games. If you play games, it can help you reduce latency if you choose a server closer to the games’ server.
VPN connections are also “encrypted”. So, you should use a VPN even when you aren’t doing anything illegal or censored. The encryption prevents hackers and third-parties from hacking into your device or interfering with your connection in any way.
Additionally, NordVPN also protects you from malicious websites and malware. Get NordVPN now and Grab 68% discount today.
2. SurfShark VPN
Use Advanced Screen Locks
I refrained from using screen locks for a long time. I don’t have anything to hide, I said. I thought I was being smart by avoiding the unlock hassle everytime I wanted to use my phone.
Unfortunately, my understanding changed once my phone was stolen and I had to rush get my credit cards and SIM card blocked.
Fortunately, unlocking phones is no more a hassle. The face unlock (while much less secure) makes unlocking almost instantaneous. You look at your phone and it’s unlocked. Neat, right?
Although, I’d suggest going for the pattern lock if you need a bit more security. Also, “disable” the pattern lock trail. This means if anyone peeks over your shoulder, they wouldn’t see the trail of dots you’ve connected to unlock your phone.
Fingerprint is another biometric authentication that’s comparatively more secure and faster, yet not the most secure option.
It’s best if you use the PIN though. The 4/6 digit numerical PIN is a lot harder to guess than a pattern.
Most people are only aware about the PIN, pattern and biometrics (face/fingerprints).
Android devices today also offer two more advanced forms of locks.
You can now set “complex passwords”. These are basically a combination of alphabet and numbers, just like your other passwords.
These are way more secure than any number-only PIN that you can imagine.
Avoid Third-Party Apps
Google Playstore may not have all the apps you want. The most recent removals include the immensely popular game BGMI (a spinoff of its more popular global version- PUBG).
The most common way of getting these apps is either downloading the APKs directly off third-party sites, or using third-party app stores. Here are some third party apps store that you can use to download any apps for your smartphone.
- https://f-droid.org/ – F-Droid
- https://www.mobile9.com/ – Mobile9
- https://apkpure.com/ – ApkPure
- https://www.apkmirror.com/ – APK Mirror
- https://en.aptoide.com/ – Aptoide
- https://open-store.io/ – Open Store
- https://fossdroid.com/ – FossDroid
Both of these add immense vulnerability to your device. Third-party app stores are comparatively more secure yet cannot be 100% trusted.
Downloading APKs directly from a third-party source without an app-store puts you at even higher risk. That’s because the owners of these websites have uploaded those APKs manually. They are the sole judge/jury and executioner of the file. Hence, they can edit a file and load it up with anything they want before uploading to their sites.
Hence, it’s best to not download an app if it’s not on Playstore. You may still download apps directly from the “official” websites of reputed companies and brands.
Do not Root
I get it, rooting gives you more features and privileges. But, isn’t it obvious that it’s also giving the apps on your phone more access and privileges?
There are certain areas of your phone which are locked for security reasons. This is why access to them is generally restricted.
It’s not that accessing those areas will definitely result in your phone being hacked. However, it certainly opens up the possibilities.
It’s like giving the keys to your locker to a “friend you trust”. Sure, he may not steal your money, but, it does open up the possibility, doesn’t it?
Moreover, rooting also voids your warranty.
Turn on Play Protect
This is a feature not many are aware of. That’s primarily because it’You can turn it on in your Playstore settings. When enabled, it scans your device for harmful apps. Yes, not just for ‘new downloads’ but also the existing apps on your phone.
Click on your profile icon in the playstore (top-right corner) > click Play Protect > click on the gear icon (top-right corner) > enable “scan apps with play protect” and “improve harmful app detection”.
Do note that if you download third-party apps, they may sometimes trigger a warning.
Enable “Find My Device”
This is probably the easiest way to prevent your phone from getting lost. Android phones have this amazing feature which shows you a phone’s exact location remotely.
To enable this, go to settings > security > find my device.
All you need is a Gmail account, which I’m sure you’ve got. Just login to the same e-mail on any other device to track your phone.
It’s not just about the location, you can also make your phone ring remotely! Yes, even if the ringer is set to silent.
Even that’s not the limit. You can also check your phone’s entire trip history and the locations it has been to.
Need more security? You can lock your device and/or erase all data off it. That’s a massive help in case it’s stolen.
Avoid third-party Wi-Fi networks
You could be a victim of MITM attacks, packet sniffing, evil twin, sidejacking and so much more.
It’s best to use your own internet instead of the free café Wi-fi you may be getting. Also, always make sure that there are no two Wi-Fi networks by the same or similar names. If that’s the case, it may be an attempt at “evil twin”.
If you must use public Wi-Fi, use a VPN. The VPN encrypts your connection and makes it really hard for anyone to hack into your device.
Antiviruses aren’t limited just to phones. These days, you do get antiviruses for your Android phones as well.
Do note that antiviruses are known to slow your device down. This is natural considering how everything is being scanned and monitored in the background.
However, the reduction in speed is temporary and not even noticeable most of the time. When security is the tradeoff, I’d say the deal should be taken, wouldn’t you?
Do not Ignore Security Updates
Most Android phones come with default security patches for about 3 years. Those are the kind of devices you should go with.
Whenever a new update is available, you’re notified automatically. If you’ve turned notifications off, you can check the same manually.
Just go to your settings > about phone > system update.
If you’ve got an available update, you’d see it there. A single tap on the option updates your phone.
Uninstall Apps You Do Not Use
Often, we download an app, use it once and then forget all about it. That can be fatal. You must have heard of popular photo apps later being identified as malware.
This isn’t just limited to “photo editing apps”. Literally any other type of ad can be a malware. Photo editors are just a favourite of hackers because everyone grants “Album and camera access” to these apps.
My point is, go to your settings > apps > installed apps at least once a month. See which apps you haven’t touched in a month. Anything that you didn’t miss for a month, you probably won’t if you delete it forever.
Keeping unused apps on your phone also opens you up to future vulnerabilities.
Edit App Permissions
When you download an app, in most cases we just click on “allow all”. This grants the app permissions to everything that it demands, mostly gallery, camera, mic and so on.
It’s required to do so for most applications, but not always. E.g. a photo editing app may not need access to your “mic”, or a wallpaper app has no business asking for “contact” access.
Hence, when allowing permissions, check which permission are really required and which aren’t.
More importantly, always audit the permissions you’ve previously allowed your apps.
You can do that by going to settings > privacy > permission manager.
Revoke permission from all the apps which don’t need it. In fact, remove it from any app that you don’t use very frequently. You can always grant permissions later instead of just leaving them open.
Add Additional Users
This is a feature even I wasn’t aware of till a few days back.
Android lets you add “users” to your device. Once added, those users get an environment that almost feels like a new phone.
The apps, passwords, browsers (and their history) and all other data remains isolated from other accounts.
This means, you and your family can share the same account without breaching each others’ privacy.
However, I’m aware that phones are generally single-user devices. This is why most of you weren’t even aware of this feature.
However, creating multiple profiles has other benefits. Imagine your phone gets stolen. The thief/hacker will not find your apps/passwords right away. He’ll waste hours on every single profile before finding the original account.
Do not Use Smart Locks
Smart locks may seem smart, but they’re way less secure.
Never heard of smart locks? These are mostly proximity-based locks. Your device stays unlocked when:
- It’s on your body: As long as you stay on motion, the phone stays unlocked (for 4 hours).
- Trusted places: This uses GPS. You set a few places as “trusted places”. When your device is in those places, it stays unlocked.
- Trusted devices: You can set a few Bluetooth devices as “trusted devices”. The device stays unlocked when near the other devices.
These are less secure as the device stays “unlocked” most of the time.
Other Habits Which Secure Your Android Phone
Apart from the above “features”, there are certain habits which can add to your phone’s security.
- Always turn your Wi-Fi and hotspot off when not in use.
- Turn your GPS off when not in use.
- Log out of your social accounts instead of just leaving them logged in.
- Switch to secure browsers, such as Brave, Firefox or Tor Browser. These are way more secure than traditional browsers such as Google Chrome.
- Switch to anonymous e-mail accounts such as Skiff.com, Private-mail.com, Countermail.com, Proton.me. Gmail isn’t secure.
- Start using anonymous, end-to-end messengers. Signal, Wire, Telegram are good options.
Frequently Asked Questions (FAQ)
Here are a few questions and their answers pertaining to securing your Android devices:
How to best secure your Android phone?
There’s no “best” option. However, starting with the VPN is generally the best option. This is because the VPN offers you multiple features in one. The IP is changed, malware is blocked and encryption is added to name just a few benefits.
Is Android safe from hackers?
Nothing is safe from hackers. Not even the Federal Reserve. However, these steps will make your phone a bit more secure than it normally is.
Do Android phones have built in security?
Yes, they do. If you follow the steps above, you can secure your device without actually installing any additional software.
As stated earlier, start with a VPN. It solves multiple problems at once. Also, it’s one of the most effective ways of protecting yourself not just against hackers but also the govt. Nordvpn offers 68% discount today, grab it now.
When your phone is lost or stolen, the first thing you should do is lock and erase it. You can do that using the “find my device” settings mentioned above.
In most cases, you can make your device secure by just being a bit more cautious. Disabling Wi-Fi, GPS and adding screen locks are good starts.
Well, that’s it folks. While these steps aren’t absolute, I’m sure you now know how to secure your Android phone, don’t you?