Best Practices for Smartphone Apps A smartphone is basically a computer that you can carry in the palm of your hand. Like computers, smartphones have operating systems that are often called platforms. The four major platforms in Canada are: Android, created by Google and used on a number of smartphones, tablets and other devices from multiple companies. BlackBerry OS, used for BlackBerry phones. ios, for Apple s iphones, ipads, and ipod Touch devices. Windows Phone, created by Microsoft and used by a number of companies, such as Nokia. NOTE: This is not the same as the Windows operating systems used in computers. Smartphone programs are called apps (short for applications ). Each platform as an app store where you can download thousands of free and paid apps and in some cases, you can get other apps from unofficial sources. An app can do almost anything: run a game, play media, browse Facebook or even perform word processing. But not all apps are safe! Some are malware, designed to steal your private information. Others are just badly designed and leak it, or include features that might leave you accidentally sharing more information than you want to. Let s look at what you need to do to protect yourself. Take the essential steps first, and as you learn more about your smartphone, add advanced steps. NOTE: Smartphone app management is just one aspect of smartphone security. You should also pay attention to physical security by taking steps to make sure your phone isn t lost or stolen, and improve user security by learning your smartphone s features inside and out. Essential Steps 1) Study Before You Download Never download an app without reading reviews and using search engines to find out about it. Look for complaints about odd behaviour, such as the battery draining or certain features (such as GPS) turning on by themselves. 2) When in Doubt, Choose the Official App All major social media services including Facebook and Twitter, can be used with either an official app made by the service s company (or in some cases, the smartphone platform), or a selection of unofficial apps that offer an alternative look and feel or various special features, such as the ability to access multiple services at once. You should almost always stick to the official app unless an alternate app is well-known and trusted. Examples of trusted third party apps include Flipboard and Tweetdeck, which let you view multiple social media services in one place.
3) Learn to Use Your Apps Some apps have pretty simple features, but many come with a wide array of functions and settings. If you don t understand how your apps function, you may end up sharing private information by accident. This is especially true of social media apps. For example, the Foursquare app lets users check in to different locations tracked by GPS. Users can set the app so that only their friends can see where they are, but if you don t know how to do this, you might share your location with people they don t trust. Be especially careful with apps that can share your locations or photos. You should also become thoroughly familiar with who you are sharing information with: your followers and friends. Many people use social networking apps to connect with people they do not really know that well. Some of these services have the ability to separate connections into specific groups so that you can limit information to family or close friends. 4) Know the App s Permissions Most apps require permission to use your smartphone s features. For example, an app that lets you add filters to photos might need to access your phone s camera. Smartphone apps use the term permissions to describe these access requests. Most apps require certain permissions to function at all. When you download the app, your phone allows these permissions. Others also have optional permissions you can turn on and off. The fewer optional permissions you allow, the safer you ll be. Find Permissions Different platforms provide different ways of letting you know which permissions an app requests: Android: Tells you the permissions in the Google Play app store before you download. BlackBerry: Permissions are listed in device settings after you download. ios: Pop-up alerts tell you about certain permissions after you download. You can also view push notifications and location services permissions in Settings. Windows Phone: Listed in its app store. Discover an app s permissions as soon as you can. For Android and Windows Phone, you can do this before you even download the app and you should. Spot Problem Permissions Most permissions are safe the app just needs them to work properly. A few apps (especially free apps) include other permissions to drive advertising (such as ad banners that show up when you play a game). Deliberately or accidentally, some apps include permissions they don t need, and these might threaten your privacy by sharing information against your will. You should always pay close attention to the following permissions. If you can t figure out why an app would need it, don t install it or remove it from your phone. Geolocation/Location Services This not only includes GPS access, but the ability to find your location by using cell towers and Wi-Fi hot spots. Mapping and navigation software have a legitimate need for this permission. So do apps that look for things near you (like restaurants), track lost or stolen phones, or let you share your location over social
media (though you should avoid using those social media services). Other apps have no business finding out where your phone is. Note that even if you deactivate GPS, an app with location permissions may use other ways to track you. Contacts/Address Book Access Some apps go into your contacts (also called address book) to either find other users of the app you may already know, or to add people you know through apps such as Facebook. Some messaging and email apps may need access to function as well. If an app has no reason to get into your contacts but includes a permission to do so, get rid of it! Even apps that have a reason to use your contacts should be treated cautiously, as some apps have been known to automatically send messages to your contacts or upload them without using proper security. Watch for reports of this when you first look up the app. Calendar Access Only apps that provide an alternate calendar or are supposed to help you organize your time should have permission to access your calendar. A calendar contains lots of personal information, so be careful about allowing apps to read it. Camera Access Apps that handle photos and videos and social media apps that let you post images have good reasons to access your camera. A few other apps also include camera permissions for legitimate reasons. An app with camera permissions might be able to shoot pictures and videos without its owner s knowledge, or send photos and videos stored on the phone. Avoid using apps that can link photos and locations, and turn off that feature whenever you can. Call Access Few apps have a legitimate reason to use your phone s ability to make voice calls. Some messaging and conferencing apps use this permission properly. Otherwise, get rid of apps that include this permission, because it can be used to transmit your voice without your knowledge, or automatically dial premium phone numbers, running up your bill. Text Message (SMS/MMS) Access Some messaging apps use this permission for a reason. Other than that, don t install apps with this permission, as it can be used to send texts without your knowledge, including premium texts that cost money. Deactivate Permissions You Don t Need If you have the option to deny a permission, or deactivate a permission without getting rid of an app feature you like, do so. This is most common with location tracking permissions, which are used with an increasing number of apps. In addition to blocking location services for particular apps, every platform has a way to turn all tracking off. 5) Uninstall Apps You Don t Use Apps are so easy to download that people will often install one, try it out, then forget about it. These unused apps can slow your phone down and may have functions that weaken your privacy. Remove apps you no longer use on a regular basis.
6) Watch Your Phone for Funny Behaviour Some apps may make your smartphone behave strangely. Sometimes this is just annoying, but it may also be a sign of something that threatens your privacy. Look for the following behaviour. The Battery Drains Quickly If your phone s battery drains at a faster than normal rate, it could be a sign that an app is running in the background even when your phone is on standby. The Phone Heats Up This is often a sign of GPS usage and goes hand in hand with battery drain. GPS works by contacting a satellite array, and often needs to push a significant amount of power through the antenna to do this. Smartphone antennas are built into their bodies, so this process heats up the phone. If you don t know why your phone is using its GPS, that s a problem you need to investigate. There s a Spike in Data Usage If you notice you re using a lot more of your data plan even though you re not doing anything much different with your phone, this may be due to an app sending and receiving information. This might run up your phone bill, so investigate it immediately. Use a Process of Elimination to Solve the Problem If you notice strange behaviour, remove the app you last installed. If the behaviour persists, uninstall the next most recent app. Wait to see if the behaviour persists, removing apps in this order until it goes away. Take time between uninstalling each app to check for symptoms. If this doesn t work, the issue may be related to hardware or the phone s operating system instead. GPS and Other Features Turn On For No Reason If icons and other notifications indicate that your phone s GPS or another feature has turned on when you didn t activate it, confirm that it wasn t activated by a feature you may have forgotten (such as Facebook s option to add your location to a post) before looking for another app that might be the cause. You Get Redirected to Unfamiliar Websites If your web browser takes you to an unfamiliar website, or opening an app pushes you to a website the app didn t tell you would appear, malware could be the cause. Unknown Charges on Your Phone Bill If you can t identify charges on your phone bill, contact your carrier immediately and take a look at any apps you may have installed since before the charges appeared. Be especially suspicious of charges for premium services or long distance calls. If you don t contact your carrier as soon as possible, you may be forced to pay these charges. Advanced Steps 1) Install Antivirus Software Smartphones can catch viruses like traditional computers, though these are usually called malware instead, as they come as part of an app that looks useful. For example, a malware app that turns your camera flash into a flashlight might secretly share your passwords. Smartphone platforms come with some built in protection against malware, but you can also install antivirus software for extra protection.
Antivirus software is most effective against known threats. When antivirus developers learn about a new form of malware, they send updates to your phone s antivirus app to teach it to detect, isolate and remove it. Some sophisticated malware cannot be completely removed. In a worst case scenario, you may have to wipe your phone. If you want to install an antivirus app, read reviews about several types before you make your choice. Stick with brands you recognize, as malware sometimes disguises itself as these apps. Only one antivirus app will work at a time if you install two or more, they might interfere with each other. 2) Use an Anti-Theft App Anti-theft apps allow you to track the location of your phone, wipe private information, and perform other actions even when the phone has left your possession. Depending on the app, you might be able to remotely view files, call and text logs, or even secretly take pictures. The exact features vary from app to app. Some of them don t leave obvious signs that they re active so that you can (for example) track and take pictures of a thief without his or her knowledge. After installing the app, you can active or control it through and online account or text messages sent to your phone. Some carriers provide services allowing you to find or remotely wipe your phone as well. An anti-theft app gives you a way to find your phone and wipe private information before it gets leaked, but the downside is that they also provide a back door into your phone. If someone discovers a way to activate the app on your phone, they can use all the features intended to monitor lost and stolen phones to monitor you. This is more likely to be a danger in situations involving domestic abuse and stalking.