Sign In

Communications of the ACM

ACM News

Encrypted Smartphones Secure Your Identity, Not Just Your Data


A smartphone is a digital form of identification for many.

Secure smartphones do provide barriers to police investigations, but they are also an excellent component of strong cybersecurity.

Credit: Iowa Department of Transportation

Smartphones store your email, your photos, and your calendar. They provide access to online social media sites like Facebook and Twitter, and even your bank and credit card accounts. And they're keys to something even more private and precious—your digital identity.

Through their role in two-factor authentication systems, the most commonly used secure digital identity protection method, smartphones have become essential to identifying people both online and off. If data and apps on smartphones are not secure, that is a threat to people's identities, potentially allowing intruders to pose as their targets on social networks, email, workplace communications, and other online accounts.

As recently as 2012, the FBI recommended the public protect their smartphones' data by encrypting it. More recently, though, the agency has asked phone makers to provide a way to get into encrypted devices, what police call "exceptional access." The debate so far has focused on data privacy, but that leaves out a vital aspect of smartphone encryption: its ability to secure people's personal online identities.

As I wrote in my recent book, "Listening In: Cybersecurity in an Insecure Age," doing what the FBI wants—making phones easier to unlock—necessarily decreases users' security. A recent National Academies of Sciences, Engineering and Medicine study, in which I participated, also warns that making phones easier to unlock potentially weakens this key element of securing people's online identities.

 

From The Conversation
View Full Article

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
ACM Resources