The internet is not a place where you should let your guard down in this day and age. Even big companies have succumbed to hacks, and had huge data leaks.
So without the expertise of a big company, what can we do to protect our private information and activities from prying eyes?
Well fortunately there are a wide array of apps out there to help you do the best you can to keep your info safe. A lot of these apps will allow you to easily implement best practices in terms of mobile security without too much effort on your part.
. . .so in no particular order:
10: Signal – Messenger, Voice and Video
Signal has you covered for almost all messaging, phone and video communications.
It can send messages (including pictures and videos) and handle phone calls (inducing video if you like). You can also do the standard things you would expect from a messaging app such as group messaging.
Encrypted messages, encrypted phone calls and encrypted video calls
There are a multitude of messaging and phone apps that now have end-to-end encryption. However, all messaging apps are not created equal. You may be surprised to find that Facebook Messenger, Whatsapp, Viber, Telegram and plenty of others are not quite as safe and secure as you think.
What sets Signal apart from all the other messaging apps is not so simple to explain, so I wrote a separate article to tackle this very subject.
Be sure to check out the article, as messaging and phone calls probably feature quite highly in your phone usage, so it is one of the apps that has the potential to have the most impact on your privacy.
9: Proton Mail – Email
You can think of proton mail as a replacement to Gmail or any other web based email client.
ProtonMail features the following:
- end-to-end encryption
- anonymous signup
- no IP logging
- no tracking
- based in Switzerland
- free or paid options available
The encryption means that no one is harvesting your emails for information, as no-one can read them. Not even ProtonMail.
Not only can they now read your emails, but they don’t bother to log your ip or track you in anyway. Which is exactly how is should work.
8: MailDroid – Email
Maybe you don’t want to trust yet another faceless provider, even if it is as compelling as ProtonMail.
MailDroid is an email client that you control.
You enter the servers and settings and the app fetches and sends your emails for you. What this means is that you could use a whole array of email accounts with this app:
- Gmail, Yahoo and others
- Work accounts
- Your own email accounts associated with your own domain
Now it should be noted that there are a lot of apps that are available on the PlayStore that can do this, so what makes MailDroid so special? Well, MailDroid has the option to use S/MIME and/or PGP signing and encryption.
At this point I will say that if you don’t know what either S/MIME or PGP are, or you don’t have your own server and domain, then this app is probably irrelevant for you. You should take a serious look at ProtonMail instead as it represents a mail app that doesn’t require any setup.
However, I will point out that S/MIME setup is not very complicated (PGP is a whole other ball game!). You can get a free S/MIME certificate from Comodo.
Once setup this gives you the following advantages:
- Assuming you have your own server with mail: You own your emails! No remote third party server to worry about.
- You can sign your emails with your S/MIME or PGP key. This means people will be sure the email they receive *really* came from you (even Gmail recognises S/MIME signed emails with a green tick, so even if the recipient doesn’t use S/MIME themselves, they can still benefit from the extra confirmation.)
- You can encrypt emails
I would also add that the app itself is very customisable both in terms of looks and features.
7: SafeInCloud – Password Manager
This app is essential to me.
There is nothing more important than keeping your passwords random and long. This app helps me achieve that with ease.
There are many password managers out there, but they all typically have some sort of cloud sync feature, which more often than not uses the app providers cloud service. I dislike this as I want complete control over my data. Lets face it, if a big company like Facebook can’t secure data properly, then any company is vulnerable.
SafeInCloud gives you the option of cloud sync, and even when it is available it is to a location that you own, not them.
You could for example sync to your Google Drive or Dropbox account, or if you are more paranoid you could use your own cloud implementation such as ownCloud or WebDAV.
. . .and finally:
- backups are encrypted (AES 256-bit)
- password generator
- fingerprint login
- android wear
- password strength analysis
- browser integration
- free desktop apps (Windows and MAC)
- auto import from other password managers
There are both free and paid versions available. At least from my point of view a password manager is an essential piece of kit, and as such I would recommend shelling out the few quid it costs to get the pro (paid) version.
6: Authy – Second Factor Authentication
Second Factor Authentication is just a piece of information (or confirmation) that you provide to log into an account in addition to your password. This could be for example a code received in a text message, or a link that you need to click in an email. However, one of the most convenient, secure and widely used methods is Time Based One-Time Password (TOTP).
TOTP is typically a six digit number that changes every 20 to 30 seconds continuously. This means that even if you enter a TOTP in a website and someone figures out what you entered, it doesn’t matter, as next time the number will be different.
Authy stores and shows you TOTP numbers, and changes them as needed every 20 to 30 seconds.
Second factor authentication is something that I would encourage everybody to use if it is made available by the website or service in question. It is not complicated for the user, and it increases the security of your account an enormous amount when compared to just having a password.
There are of course other TOTP apps available including Google Authenticator. However, Authy stands out due to the following features:
- it backs up your TOTP codes
- it can sync your TOTP codes across multiple devices
- it works across many platforms
- it is easy to use
If you want to take second factor authentication one step further, and in the future get rid of your passwords too. Then take a look hardware security keys like Yubikey, as they are even more secure and convenient.
5: Private Internet Access (or CyberGhost) – VPN
Private Internet Access (PIA) is a VPN, the reason I have mentioned Cyberghost is that PIA is not free, you pay a subscription. Cyberghost is free.
In my opinion PIA is the best VPN currently available, and you should give it a go. It works on most platforms including Windows, MAC, Android, iOS and even Linux.
A plethora of server locations are available across the world, and it is fast and secure. Furthermore, it is one of the few that keeps no records at all of your usage (very important).
If you want to learn more about why you need a VPN and what to look out for (and avoid) in a VPN provider, then I give more information in this article.
4: DuckDuckGo – Browser
DuckDuckGo Website (this is also a search engine you can use, not just info)
DuckDuckGo is essentially a search engine just like google, but they don’t track you at all.
In the same way that you can use Chrome, which features the google search engine, DuckDuckGo have their own android app too.
Using the app gives you access to well thought out features such as forced https connections where possible, and safety ratings for the sites you visit, which are easily visible in the address bar.
It can also blocks trackers, so even if the website in question wants to track you it can’t!
3: Sync – Cloud Storage
In terms of privacy, cloud storage is a bit of an issue.
There are lots of options, but storing your personal data on the servers of a company you have no control over is risky at best.
This is another area where I believe encryption of data should be a default, but this isn’t even nearly the case with the majority of cloud storage providers.
You therefore have a couple of options:
- Provide your own cloud storage on your own server. This is unlikely to be feasible for most people.
- Find a provider that respects your privacy and encrypts your data
This is where sync comes in.
Sync’s unique, zero-knowledge storage platform guarantees your privacy by encrypting and decrypting your data client-side (on your computer or device).
Sync is a zero-knowledge encrypted cloud platform. That basically means that all the data you store on sync is encrypted using a key that only you hold, so even if law enforcement request access to your data from Sync, they wouldn’t have the means to supply it, as they don’t have the key.
Sync also features second factor authentication for extra security at login, is easy to use, and can be used on most platforms (although not Linux).
2: Solid Explorer – File Explorer
Solid Explorer App (14-day trial with in app purchase)
Simply the best file explorer available for Android.
Easy to use, good looking design, root access (if you need it) and encryption if you need it.
Basically it allows you to easily and quickly encrypt files and folders on your phone. It is really simple to use and can also integrate fingerprint recognition if your device allows it.
I should add that it is not free, but the cost is minimal and you won’t find better than this.
1: Cerberus – Anti Theft
Cerberus App (7-day trial, purchase in app or on the website)
The final consideration for your device is if it gets stolen!
Then you are in trouble if you have sensitive data on your device. I mean lets face it with access to someones mobile phone you have access to a lot of info. Valuable info. . .
Not to mention the fact that “normal” phones (i.e. not covered in gold or jewels) can cost in excess of GBP 1000. So you might actually want the device back too.
Cerberus is an app that sits on your phone minding it’s own business, but if set up correctly and your phone is stolen it can work magic.
You could for example (all remotely):
- take a picture of the thief
- completely wipe your device
- set off alarms
- backup your data
- locate the device on a map
- generally control the device
Again it is not free, but a couple of quid to protect a valuable phone is not a lot in my opinion.
As ever if you have any better suggestions for the list above or know about an app I haven’t considered then let me know in the comments.