15 Android Security Tips You Need to Know
Android devices are getting safer all the time, but they still have a long way to go before they catch up to the standards of Apple's iOS. That's because while Apple assumes responsibility for iOS device security, Google farms out much of that responsibility to device makers, wireless carriers and, well, you. And if you don't want to be the weakest link in your Android device's security, here are several steps you need to take.
Install apps only from the Google Play store.
"Off-road" unauthorized app stores are wretched hives of scum and villainy. Like the Mos Eisley cantina, they're full of weird and dangerous stuff, much of which can steal your personal information, load malware or even hijack your Google account. Stick to the Google Play store by going into Settings > Security and making sure "Unknown sources" is disabled.
Inspect apps before you install them.
Bad stuff can make it into even the Google Play app store, which isn't policed as thoroughly as its Apple counterpart. Before you click the "Install" button on a new Android app, read through its list of permissions and see whether they match what the app says it does. If a flashlight app, for example, needs to be able to make calls and send texts, that should raise some red flags. Don't install it.
Enable a screen lock.
You don't want strangers picking up your phone and leafing through it. Any kind of screen-lock code is better than nothing, although patterns and passwords are stronger than PINs, faces or fingerprints. (PINs can be cracked through repeated guessing; fingerprints and faces can be fooled, and police won't need a warrant to get them.) Too inconvenient? Set up your phone so that the screen locks only after a few minutes of inactivity, or not at all if it's connected to a trusted Wi-Fi network or your car's Bluetooth signal.
Enable screen pinning.
Android 5 Lollipop and later versions let you "pin" a specific app to the lockscreen. That way, your nephew can play Cut the Rope on your phone without being able to read your email. Go to Settings > Security > Screen Pinning, toggle the on/off switch, and, if available, also toggle "Ask for PIN before unpinning." Then open an app, tap the Recent button at the bottom of the screen, select the app card and tap the pin icon on the bottom right. Press the Recent or Back button to unpin the app, but you'll need to unlock the screen to access the rest of the phone.
Install an antivirus app.
Android devices can be infected with malware, usually through a dodgy app. Avoid that with a robust antivirus app that screens each new app and routinely scans the rest. We've got a list of our favorites here, and most of them have free versions.
Update your Android software when prompted.
Google pushes out new security updates to Android every month. Unfortunately, not all phones or tablets will get them, as wireless carriers and device makers have the ultimate say on when a software update is ready. (If you have a recent phone from Samsung, Motorola or Google itself, you probably do get the updates. If you have a Google phone running Android 7 Nougat, the updates will be automatic.) Go into Settings > About phone > System updates and click "Check for updates." Some phones also display the "Android security patch level" in About phone; later is better.
Don't connect to open or public Wi-Fi networks.
Joining any Wi-Fi network without a password means anyone on the same network can access your device. If there's a password to access the network but you're sharing that network with strangers (such as in a cafe or hotel), then that's just as bad. Stick to cellular data, bring your own cellular Wi-Fi hotspot or use a VPN service that can protect you even when you're on public Wi-Fi.
Turn off connections you don't need.
You should turn off your Wi-Fi, Bluetooth and GPS connections when you're not using them. (Some phones can be set up to do so when you leave your home or workplace.) This will not only save battery life, but also prevent your device from connecting to random Wi-Fi networks, being tracked by Bluetooth beacons in shopping malls and, if you're the paranoid type, being followed by spy satellites looking for your GPS signal.
Enable Android Device Manager.
Should your phone be lost or stolen, Android Device Manager can make it ring, lock its screen or, if the GPS is turned on, locate it anywhere in the world. The service can even wipe all your personal data from the phone, but that's a last-ditch option as you won't be able to find the phone again. Here's our guide to setting up Android Device Manager.
Fine-tune app permissions.
Android apps used to have a take-it-or-leave-it model that forced you to accept every permission an app could have in order to use it at all. So if you wanted Facebook Messenger, you'd have to let it do pretty much whatever it wanted. Beginning with Android 6.0 Marshmallow, that changed. Users can fine-tune app permissions by going to Settings > Apps > Gear icon > App permissions.
Uninstall apps you never use.
You probably have a dozen apps installed that you don't use any more. Uninstall them. Your phone may run faster, and you'll reduce the risk that malware or an attacker will exploit a hidden flaw in an app. Don't worry — if you've paid for an app through Google Play, you can always reinstall it at no charge.
Set up two-factor authentication on your Google account.
This won't directly protect your phone, but it will make it much harder for bad guys to hijack your Google account, which is probably deeply intertwined with your Android devices. Log in to Google on a desktop web browser by going to myaccount.google.com, click "Sign-in & security," and then click "2-Step Verification." After you set it up, you'll have to enter a number texted to your cellphone once on each device or computer you sign in from.
If your phone is old, buy a new one.
Many Android devices stop getting security and software updates as soon as 18 months after release. Even Google cuts off its own devices after about 30 months. To make sure you're getting the safest and swiftest version of Android, get a new phone every two years or so.
Encrypt your phone.
Google lets you encrypt your phone's entire contents so that they can't be read without a passcode or PIN. That will defeat a snoop trying to access personal data, but it won't stop a thief who's stolen your phone and plans to resell it.
Lock individual apps.
Certain apps, such as email or banking ones, contain sensitive data that should be kept secret. You can lock them individually with a dedicated third-party app such as AppLock; some Android antivirus software also offers app-locking features.