Category Archives: privacy
Updated: If you use an Android device and regularly download and install apps from the Google Play Store, you may have noticed that some apps require device admin rights to be disabled before you can “Force stop” or “uninstall” an app. Device admin allows developers to create security-aware apps that are mainly useful for enterprise settings. These settings (or policies as they are referred too) may stop a user from installing or uninstalling an app for example.
I’ve started noticing quite a few Android mobile security apps are employing device admin rights to their consumer apps. The main reason for doing this is that the AV vendors want to lock down their app in the event some malware looks to disable or remove their security app, but it is also to with defining a generic security standard for mobile security app development.
Glancing through developer forums it’s clear to see (and I’m one of these) that not being able to kill an app because it is using up large amounts of CPU or RAM time, isn’t that useful to us end -users. Apps and operating systems do have memory leakage and probably always will from time to time. So, how do you disable device admin rights for a particular app so that you can enable ‘Force stop’; ‘Uninstall’; ‘Clear data’; ‘Clear cache’; and ‘Clear defaults’ from within App Manager? It’s actually very simple folks:
Google recently introduced a new setting for 2-Step Verification (2SV). They are hoping the new setting called ‘Google prompt’ will make it easier for more people to use multi-factor authentication security. Currently, 2SV allows you tap a Security Key (such as the U2F YubiKey) as well as entering a verification code sent to your mobile phone. You can also use the Google Authenticator app.
Google prompt allows you to approve by tapping a ‘Yes’ prompt that will pop up on your mobile phone. You can access 2-Step Verification from your computer, Android device or iPhone, but only if you have a Google account. In addition Android devices will require the latest Google Play Services (2SV is part of Play Services) and iPhone 5S or later the Google Search app.
It’s important to note that the Google prompt setting is designed as an alternative second step to either using a Security Key or receiving a voice or text message.
The process below is the same whether you use an Android device, iPhone 5S (or later) or computer.
How to enable Google prompt
- Settings > Google > Sign in & security > Sign in to Google https://myaccount.google.com/security
Android Pay is a mobile wallet that can store your credit cards, debit cards and loyalty cards. It allows you to make contactless payment without using a card. Hold your Android device near (1-2 centimetres) a contactless payment point and your device will show the card used and vibrate as well as confirm payment.
You will also receive a payment notification if you have notifications enabled. Notifications are linked to each card you use, so you will be able to review the merchant details and the payment details. Any Android device running KitKat 4.4 or above and has an NFC module inside will be able to use Android Pay.
Remember: The merchant will never see your 16-digit card number as Android Pay uses a virtual account number. You can also tap on each transaction linked to your card to confirm the name of the merchant and payment amount as well as the virtual number that was used is correct.
IMPORTANT NOTE: You will need to setup a PIN code, password or pattern in order to authenticate a transaction up to £100 in the UK. For transactions up to £30 you only have to wake your device to make a purchase,
Activation Lock is securely stored on Apple’s activation server’s and links to your device. Your password will be required before anyone can turn off Find My iPhone, erase your device, or reactivate and use your device.
Activation Lock is enabled automatically when you use Find My iPhone on a device running iOS 7 or later. Find My iPhone Activation Lock requires your Apple ID and password before anyone else can do the following:
- Turn off Find My iPhone on your device
- Erase your device
- Reactivate and use your device
Find My iPhone can be used to erase your device remotely, however Activation Lock will still be activated after a device wipe. This adds an additional layer of protection in the event someone attempts to reactivate your device without your permission. Also, if you plan on giving away your device you should turn off Find My iPhone. This ensures that the new owner can use your device as normal.
Apple iOS devices* support a useful data security feature called ‘Erase Data’. This feature if enabled (and you use a passcode), will erase all your iOS data after 10 failed passcode attempts. Enabling this feature should be a priority, especially if you lose your device.
The 10 times failed passcode attempts is consecutive, not cumulative and performs the same data erase as General > Reset > Erase all content and settings. Here is how you enable ‘Erase Data’:
- Open > Settings > Tap > ‘Passcode’ option (see note below)
- Turn the toggle on next to ‘Erase Data’
- Confirm the change and tap > Enable button
Note: If you use Touch ID, this option is called ‘Touch ID & Passcode’
IMPORTANT: In the event, you accidentally erase your iOS device, it’s a good idea to regularly backup your device in iTunes, so you can recover your data.
How do you recover your data to your iOS device?
The encryption key will be deleted on the device when using the ‘Erase Data’ feature. You will then be forced into recovery mode to continue with restoring your iOS device, which can be done from a recent iTunes backup. If you don’t backup up your iOS device, your device will be restored as new.