Reimagining Mobile Security

By April 20, 2017blog
Mobile_security_Business_Risk-min

In the world of smartphones, our personal information is more readily at our fingertips than ever before. But if my personal information is at my fingertips, is it also available to other fingertips that may find their way to my phone?

When my friend grabs my phone from the coffee table to consult Google to determine who has won our bet about one silly piece of trivia or another, she immediately sees my push notifications on my lock screen, revealing a first layer of information about my mobile world.

Next, she asks for my password, which far too many of us are happy to share with friends, and this reveals a whole new layer of information to her. She sees which bank app I have downloaded to my phone, which newspapers I read, which shopping apps I use. If I’m not careful with my passwords, she could easily access some of those accounts and make changes, transfer money, or add her own groceries to my shopping list.

While I probably trust most of my friends not to do any of those things, the fact is that we are allowing more personal information about ourselves to become public knowledge and we leave ourselves vulnerable to phone thieves, data thieves, and even goofy friends playing practical jokes. Or, as has been reported far too often of late, children who are taught to unlock phones for emergencies or to play games, but end up racking up bills accidentally through various applications.

The solutions are out there, and they’re fairly simple, we need only to think creatively and apply them.

Two-factor authentication is, thankfully, fairly standard when it comes to apps with sensitive information, such as banking features. This means that in order to access certain apps or to use certain features in an app, one must log in using two steps of identification, such as a set password and a code sent by text message. This dual-layer of security makes it far more difficult for anyone other than the owner of the account to access information.

What if, instead of only doubling up on security, we also created layers of security? In addition to two-factor authentication, two separate passwords would unlock different features.  In essence, every mobile device could now have two layers of information. The first layer would be information we don’t mind sharing – like phone-calling capabilities so we can pass our phone to the kid at the bus stop who forgot his phone without worrying that he’s accessing our bank account, and access to Google so I feel comfortable sharing that password with my friend who grabs my phone to settle a bet. The second layer would be the more personal apps, such as financial institutions, shopping, medical records, etc. The password for this layer would be far more likely to stay confidential, thus adding a layer of protection to the information we store on our phones.

That’s not all. The technology exists to introduce more secure types of passwords. Biometric solutions are available and could be integrated into our mobile devices to make them more secure and deter theft. A great mobile device for someone who banks, shops, interacts with doctors, and pays bills online, could have a simple password that unlocks the less personal layer of mobile capabilities and then a biometric scan to unlock the layer of mobile that accesses information we all want to keep secure.

The number of people with phones around the world is growing rapidly and along with that, the amount of personal information stored on phones is growing as well. Mobile device and application vendors need to adapt to the way people use their phones – and let others use their phones – and ensure that our data remains as secure as possible.

5