National Data Privacy Day and week may have come and gone, but caring about your privacy and security should always be a priority, especially with something like your smartphone, which stores a ton of your personal information on it. While your phone’s operating system tends to do a good job at keeping your information secure, you should still know your way around the settings and what’s available to you.
Below, we’ll break down some of the built-in settings for privacy and security on Android, along with a few more advanced options that could be helpful for the right person. Whether you opt to have all of these settings enabled is a personal decision, depending on your own personal threat model — that is, where your activity and your habits are most likely to create risks.
This is by no means every feature that can help harden your phone’s or tablet’s privacy and security, but a good intro what you can do and what to be aware of.
For more, check out these 10 network security tips you need to know about now and how to disable all the AI you can on the Google Pixel.
A breakdown of Android’s built-in security and privacy settings
Android Security & privacy settings
Your phone has a dedicated section within settings to get a snapshot of your current security and privacy on your phone. I tested this on my Pixel 9 Pro XL; depending on what company makes your phone, navigating here may be slightly different.
To access your Security & privacy settings:
- Go to Settings
- Tap Security & privacy
This section will give you a walkthrough of anything that might need your attention for security at the top, with specific settings you can dig into further.
Tapping on Privacy controls will show you several settings you should review:
- Permission manager: Easily review and revoke access to permissions that you previously had given to apps. For instance, maybe you want to share less with Meta’s Facebook and Instagram apps.
- Ads: Manage your device’s advertising ID, including resetting it and deleting it so apps will no longer show you personalized ads.
- Ad privacy: Allows you to turn on or off ad topics, app-suggested ads and ad measurement
- Health Connect: View and manage what apps have access to your health and fitness data. Data sharing updates for location: Apps that change the way they share your location data will appear here.
Under the Controls section, you’ll get some basic toggles to turn your camera and microphone access off so no apps can use them. You can also add these camera and microphone on/off toggles to your quick settings menu in your notification shade. When they’re disabled and an app you’re using needs or requests to use them, you’ll see a pop-up that will allow you to approve or deny the permission. Increased privacy and security practices typically come at the expense of convenience, but knowing when parts are put into use, and better yet, activating them only when you need them, puts power back in your hands.
You’ll also find a dedicated section for location access where you can view what apps have most recently pulled your location. You can tweak permissions for what apps have access to your location from here.
Activity controls allow you to view and manage your web & app activity that’s stored within your Google account. You can also choose to set this data to automatically delete after a certain period of time. If you aim to have less of your data online, this is a practice you should consider doing not just on your phone and Google but on social media and other online services.
Audit your apps (often)
Chances are that you have a ton of apps installed on your phone, each one with their own specific permissions. It’s a good practice to check the permissions of an app before you download it to make sure that the permissions being requested seem reasonable for the app to function properly and nothing more. If you download a simple clock widget, it likely shouldn’t need access to your messages, microphone or camera, for example.
It’s also important to keep in mind that the permissions can change with app updates, so get in the habit of auditing your apps if you don’t check update notes.
Here’s how to check on and revoke permissions to your apps.
- Go to Settings
- Tap Apps
- Tap See all apps
From here you can tap on any app to see what permissions have been allowed and revoke any you wish to. And while it’s likely on by default, make sure the “Manage app if unused” toggle is turned on, as the system will automatically remove permissions for unused apps as well as delete temporary files, stop notifications and archive the app.
Change what information appears on your lock screen
When you begin to set up your phone, you’ll typically be asked how much information you want to be displayed on your lock screen from notifications while the phone is locked.
- Go to Settings
- Tap Security & privacy
- Tap More security & privacy at the bottom
- Tap Notifications on lockscreen
Here you can choose between three options:
- Show all notification content
- Show sensitive content only when unlocked
- Don’t show notifications at all
Turn on 2-step verification for your Google account
At this point, you should have at least heard about passkeys and Big Tech’s push for the death of the password. Passkeys are a FIDO credential stored on a device that can be used to login to your online accounts. They can provide an extra layer of protection against phishing attempts on your account, but they’re far from the only two-factor verification method you can turn on for your Google account.
Here’s how to turn on two-factor authentication on your Android phone.
- Go to Settings
- Tap Passwords, passkeys & accounts
- Tap the account you want to enable two-step verification for
- Tap Google Account
- Tap on the Security tab
- Tap 2-Step Verification
If you’ve previously enabled two-sStep verification, you’ll be shown all of your methods for signing into your account, but you can also add new methods here as well. You can create new passkeys, register a hardware security key, add backup email and phone numbers and select devices that will receive prompts for approving logins.
Consider the Google Advanced Protection Program
The Google Advanced Protection Program takes security a few steps further beyond a simple two-step verification login by requiring you to use a passkey and / or security key in addition to your login credentials. The program uses Google’s most advanced security procedures to keep users safe from targeted phishing attacks.
While the Google Advanced Protection Program is available to enroll in for free, it’s designed for individuals with accounts that have highly sensitive or valuable information and Google strongly encourages journalists, activists, business executives, and people involved in elections to enroll.
For most people, this is overkill, but if you need it, more security and protection is worth a slightly more cumbersome login process.
For more, don’t miss this Wi-Fi versus Ethernet showdown and how to start removing your personal data from the internet.
Read the full article here