IT security at the University of Bern

Mobile device security: How to protect your smartphone

Answering email, surfing the web, socializing, or shopping online - with a smartphone, you can do it all wherever and whenever you like. We use our smartphones almost exactly like our computers or laptops - so we should be giving them the same protection.

Your smartphone is a little computer.

It's rather handy. We use smartphones to pass the time on the train, in queues, and during our coffee breaks. Thanks to smartphones, we can shop online, check our emails, transfer money and post pictures and messages on social media wherever we are. When we’re out and about, our smartphones do pretty much everything our computers do at home. But do we protect them the same way?

Sadly, phishing and malware work just as well on smartphones. Whenever we browse the internet - be it via a laptop or a smartphone - we put ourselves and our data at risk. The same applies to emails and messages.

You need to
protect your
smartphone just
as carefully as you
protect your
computer.

Five top tips for protecting your smartphone

Set up a strong security lock on your smartphone.

Only install apps from authorized app stores and only grant permissions if absolutely necessary.

Check your software and apps for the latest updates and install them as soon as possible.

Don't be fooled, and always think twice about tempting offers.

Remember that third parties can view everything you do online while connected to public WiFi.

1. Lock your smartphone

Lock screen: If your smartphone falls into the wrong hands, a strong lock screen could protect your photos, contacts, apps, and so on. Your best bet is a PIN with at least six digits. But whether you use a PIN, a swipe pattern, or a fingerprint – the important thing is that you have set up a secure lock screen.

Setting up a PIN request for your SIM card is an extra safe option. That way, nobody can use your SIM card on another smartphone. Nobody can use your number to make calls or send messages to strangers. And nobody can access the contacts or data, such as photos, stored on your SIM card.

2. Double-check apps

Before downloading: As a rule, you should only download apps from official app stores (Apple App Store, Google Play Store, etc.). But even these apps aren't 100% guaranteed to be safe: criminals are constantly developing new apps that can read your data or infect your smartphone with a virus. These are disguised as harmless apps, often created with names and logos very similar to popular apps. Check the name and logo carefully. The more often an app has been downloaded, the more likely it is to be genuine.

After downloading: When you download a new app, it's worth checking which permissions and access it requests. Sometimes, even simple games will request access to contacts, files, location (GPS), or the camera. You can edit these permissions in the app settings. Remember the golden rule: grant as many as necessary and as few as possible.

3. Install updates

Software and apps are constantly improving: better sound quality, prettier designs, more features, and often improved security. You can access these improvements by installing an update on your smartphone.

To install updates, you must connect your smartphone to the internet. If you’re traveling or haven’t had an internet connection for a while, it may take a little while for all updates to fully install. Most providers issue automatic updates. This usually means it’s easy to keep your phone up to date – you don’t need to do anything!

You can find available updates for your apps here:

  • Google Play Store -> My apps & game -> Updates.
  • Apple App Store -> Account symbol -> Available Updates

4. Look out for dodgy calls, messages, and online deals

Whenever you're online shopping, online banking, browsing social media or reading your emails, always remember the golden rule: if it seems too good to be true, it probably is. Whenever you see any tempting offer - whether it’s for shoes, money, jobs, or love - always double-check before you pounce on it.

If you receive a suspicious phone call, tell the caller that you'd be happy to call them back. That way, you can check whether or not they are genuine. If you receive an unexpected message containing a link, resist the temptation to click it. Remember: you should never pass on any of your passwords, even on your smartphone.

5. Take care using public WiFi

You can upload photos, transfer money and check your emails anywhere, whether you’re on a train, on a plane, or in a cafe - yep, free public WiFi is great.

But when you log in, bear this in mind: in theory, anybody logged into that WiFi network can - with the right expertise and equipment - see what you're doing online, such as the websites you visit. If you're on an insecure website (open or grey padlock symbol before the URL -> no HTTPS), third parties can even see the information you enter on the website, such as your credit card details or passwords. Using a VPN offered by an authorized provider or your company could protect you from these risks.