For many users, no device comes close to the amount of information that’s stored on a smartphone. It houses financial data, messages, notes, biometrics, and photos. Not to mention records of our browsing habits, which are so important for data-hungry companies.
With growing zero-day vulnerabilities and increasing mobile malware, there’s an ever-growing threat of malicious actors and, in some cases, governments monitoring and exploiting personal information.
No one is more aware of this risk than cybersecurity experts, who discover and combat such vulnerabilities on a daily basis.
Since the device you use may play a crucial role in protecting personal data, I conducted a mini-survey of 15 cyber security pros – founders, executives, and a few experts who work closely within the field – asking them about essential smartphone security features.
I noted all the security features mentioned, made a list of what the experts consider the most important smartphone security attributes, and included some of their most revealing comments.
In addition, I asked which smartphones the cyber pros use and which they would recommend buying. Let’s find out what they said.
Features of a secure smartphone
All the experts underline that the security of any smartphone is only as strong as its weakest link – the user.
However, having a device with certain security features or dedicated hardware can significantly minimize or eliminate the risks of being monitored or spied on.
All experts agreed that regular software updates and patches are essential for smartphones (see the table below).
Nine (60%) mentioned strong biometric authentication – fingerprint sensor, face ID, or other biometric methods – as a must-have feature.
Six (40%) underlined the importance of strong device encryption, while five mentioned a secure boot process to prevent malware from taking control of the device during startup.
Features like physical privacy switches for camera and microphone, app permission controls and a secure processor were mentioned four times each.
A few of the experts listed features like end-to-end message encryption, built-in VPN, tamper-resistant casing, remote wipe and tracking, along with privacy features and controls.
Certain tools, including AI-powered anomaly detection, customizable firewalls, and quantum-resistant security, were mentioned once.
The uncomfortable truth
Michael Collins, cybersecurity analyst and the CEO of Sphere IT, says that users are faced with an uncomfortable truth: the closer a smartphone gets to absolute security, the more it sacrifices in terms of usability and features.
“Devices used in high-security fields (think military-grade phones) are highly secure but are often stripped down to the bare essentials. For the average consumer, the trade-off isn’t worth it, and absolute security remains an illusion,” he explains.
When listing the most important attributes of a secure smartphone, he underlines the importance of baseband security. The baseband is a specialized microprocessor in mobile devices responsible for handling all communications with the cellular network.
According to Collins, this is the most exposed part of your phone, and its vulnerability can be exploited.
“Adversaries can use a malicious baseband to eavesdrop on voice calls, messages and even internet surfing. Surprisingly, this is hardly a priority for most manufacturers,” he says.
The expert also emphasizes the importance of isolating critical functions such as the microphone and camera, ensuring they can’t be activated without your explicit consent – no background eavesdropping.
According to Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, using the right tools, including VPN, can significantly decrease risks.
“A smartphone that has as little bloatware or bundled apps as possible, plenty of security updates and for a longer period of time, hardware secure storage for sensitive data (e.g., biometrics), and a VPN that allows apps to be completely blocked from using the network would be more secure,” he says.
Warmenhoven points out that only data that is not on your smartphone cannot be stolen from your smartphone. Thus, the most effective way to protect your security entirely is by not putting everything on your smartphone.
“Keeping everything you do not need on a USB stick or an SSD would be a good idea. Nevertheless, you should have encrypted backups of important data in the cloud,” the expert explains.
Three angles of smartphone security
When considering smartphone hardware features, a trusted execution environment, such as Apple’s Secure Enclave, is imperative, says Jacob Kalvo, Co-Founder & CEO at Live Proxies.
“Such components make sure an isolated environment is created for sensitive operations, such as handling cryptographic keys or processing biometric data. Tamper resistance is another hardware feature that secures devices against physical tampering and data extraction,” he explains.
On the software side, a secure smartphone should feature a hardened operating system with security features like secure boot, which ensures that the device only runs software trusted by the device manufacturer.
“First, it needs to implement end-to-end encryption. Then there is device encryption, protecting data on the phone if the device gets stolen,” says Kalvo.
Cole Popkin, Senior Digital Forensics Analyst at Proven Data, sees three main angles of smartphone security: the safety of the physical mobile device, the data stored in it, and any new data you download to it.
“To protect your smartphone's physical access, strong authentication methods are essential such as robust passwords, PINs, and biometric features. If your device is lost or stolen, data encryption and remote wipe capabilities are a must to protect your sensitive information,” he explains.
“Even if your phone never goes missing, you still need to keep it safe with regular updates, which help patch any vulnerabilities in the operating system or apps. Finally, always download apps from trusted sources to minimize the risk of malware.”
Which smartphones do experts use?
In addition to smartphone features, the cybersecurity experts also revealed what smartphones they themselves use and why.
The most popular choices among the 15 were iPhone and Google Pixel (see the diagram).
Most iPhone users said they use the device for security, a closed ecosystem and integration with their other devices.
“Apple devices benefit from multiple layers of protection by default,” says Charles Nerko, partner and team leader for data security litigation at law firm Barclay Damon.
“Meanwhile, iCloud+ includes features like iCloud Private Relay to mask my IP address while browsing and Hide My Email to generate random email addresses that can be deactivated if they receive spam. These tools add an extra layer of security and help prevent unauthorized access to personal information.”
Fletus Poston, III, security operations and application security manager at CrashPlan, emphasizes that Apple application testing is done by humans and the applications are more gated.
“I know that I still need to review and verify each application before installing, but I appreciate the ways that Apple uses automation and human verification. Thus, I choose Apple and the iPhone because it offers a good balance between security and usability.”
The main reason for using Pixel smartphones is frequent software updates and the dedicated security chip Titan M.
Ali Qamar, founder of ExtremeVPN, says that he maximizes his security by combining a Pixel with GrapheneOS.
“GrapheneOS provides enhanced privacy features while still allowing me to use essential apps. Google's hardware security elements are top-notch, which is crucial for protecting encryption keys and sensitive data,” he says.
Meanwhile, FairPhone is appreciated for its modular design.
“This means I can physically replace parts – like the microphone or camera – if I suspect they’ve been compromised. It’s an unusual choice, but one that gives me control over my own security in ways that standard phones don’t,” says Collins.
Secure smartphone recommendations
When asked which smartphones security experts would recommend as the most secure option(s), iPhone also tops the list, followed by Google Pixel and the Linux-based Purism’s Librem.
A few also recommended PinePhone for its focus on privacy and open-source software, Samsung’s Galaxy Series for its security features, particularly with Samsung Knox, and FairPhone.
“For maximum security, specialized devices with custom operating systems and specific software are recommended,” says Andrii Kalnybolotchuk, a Software Engineer at ClearVPN.
“These typically include smartphones running custom Linux-based operating systems. Such devices often feature hardware switches that allow users to physically disable components like the camera, microphone, GPS, and communication modules, providing an additional layer of security and privacy control.”
Warmenhoven thinks that both Apple devices and Android systems work well, especially if users are willing to spend some time decrapifying what’s bundled in the installed Android system.
“If you want to have peace of mind, you can use a Librem by Purism or a PinePhone and run Linux, but many apps won’t work.
However, for most users, having an updated phone without unused apps is as good as it needs to be. The rest is about the user’s digital hygiene and willingness to protect privacy and security.”