Zeeshan Mir Baz has collected the information in this article from this website: https://smartphones.gadgethacks.com/how-to/4-best-phones-for-privacy-security-0176106/
Smartphones are inherently bad for privacy. You've basically got a tracking device in your pocket, pinging off cell towers and locking onto GPS satellites. All the while, the handset's data connection ensures that tracking cookies, advertising IDs, and usage stats follow you around the internet.
So no, there's no such thing as a perfectly secure and truly private smartphone; let's get that out of the way now. But in the information age, you practically need a smartphone just to get by in society, so the question then becomes: Which phone manages to be the lesser of all the evils?
With critical vulnerabilities such as the KRACK exploit and Blueborne, not to mention the FBI attempting to find a backdoor into practically every phone, that's a hard question to answer. So to find the most security-hardened devices, we tested the top smartphones on the market, looking for key factors like encryption strength, biometrics, hardware-assisted security, VPN availability, and security patch time frames. Our research narrowed the list down to four great phones, so let's discuss how well each of these devices protects your privacy.
Note: This article was last updated in June 2018.
Comparison Chart
Key Comparison Points
When it came to comparing our four finalist phones, these were the key differentiating factors for privacy and security:
- Biometrics: There are two schools of thought involving fingerprint scanners and other biometric unlocking methods. First, there's the idea that if your biometric identifiers were ever stolen, you wouldn't be able to change them like a password, making them permanently compromised. The second line of thinking is that if a security method is easier for the user, they'll be more likely to actually use it, in which case biometrics are better for security in general. So in the end, it's your call as to whether a fingerprint sensor is a good or bad thing, but note that having such hardware enables other security-related features such as LastPass' fingerprint login.
- Encryption: Each of these phones uses one of two types of encryption: file-based (FBE) or full disk (FDE). File-based encryption is the more effective method of the two, as it allows individual files to be locked with different keys, whereas full disk encryption uses only one key to lock the entire data partition. All four of these phones use the AES encryption standard, and while some use 128-bit keys to decrypt the data, others use more advanced 256-bit keys.
- Hardware-Assisted Security: Each of the phones on our list calls upon the hardware to assist with the overall security of the device. While iOS devices use the hardware to assist with encryption, the Android devices on our list utilize the hardware to store cryptographic keys (more on this in the How We Chose These Phones section below).
- Sandboxed User Accounts: If privacy is one of your top considerations, you may want to maintain separate user spaces on your phone — perhaps one for work, and another for your personal usage. If so, it's important that the data from each user account be truly separated (or "sandboxed"), and the Android phones in this list offer that feature.
- Restrict Ad Tracking: Phones that ship with Apple and Google services preinstalled use a system-wide advertising tracking ID to help marketing partners deliver targeted ads. This ID follows you around as you use apps and services on your phone, which is sketchy behavior when it comes to privacy. Apple allows you to restrict apps' abilities to view and use this identifier, while Google merely lets you reset the ID and opt out of seeing personalized ads on Android devices.
- Always-On VPN: A virtual private network, or VPN, allows you to reroute internet traffic through an external server. A good VPN service will even let you encrypt all data traffic for increased anonymity. With Android devices, you can funnel all types of internet traffic through a VPN. With an iPhone, however, you can only use a VPN over Wi-Fi, unless you're willing to reset your device and enable "Supervised Mode" to get the VPN working on your mobile data connection.
- Block Internet Access for Apps: If you don't want apps "phoning home," the ability to block internet access on a per-app basis is a huge plus. With Android, this can be done by setting up a local VPN like Netguard, which takes a little extra work. With iOS, you can easily disable mobile data access for an app; however, it's not possible to restrict Wi-Fi connectivity.
- Data Wipe After Failed Login: Some phones have a feature that, if enabled, triggers an automatic factory reset when someone attempts to enter your PIN or password too many times. This is very effective when it comes to fending off intruders, as it makes brute-force password attacks all but impossible.
- Built-in Password Manager: The name of the included feature that stores your various login credentials. These screen names and passwords are stored in an encrypted vault, which offers the ability to auto-fill the stored information in the appropriate app or website.
- Password Generator: The password manager can generate a new password which is more secure than your existing passwords.
- Password Protected Folder: A secure folder which can store apps and files, protecting them from unauthorized access. Data within these folders should be hidden from the app drawer and file manager and require either a password or biometrics to access.
- Stock Security Center App: If you're security-minded, it's good to have a centralized app that helps you handle all of your phone's security needs. For example, the DTEK security platform gives you an overview of your phone's security health and allows you to easily tweak important security settings, among other things.
- OS CVEs: All phones in this list run either iOS or Android. In recent years, both of these operating systems have had numerous common vulnerabilities and exposures (CVEs) discovered, so it's important to keep track of exactly how vulnerable they are.
- Security Patch Timeframe: Apple doesn't adhere to a specific timeframe with its security patches; however, updates are generally issued within a month of critical bugs being found. Android releases security patches monthly and leaves it to the OEM to distribute to their devices. Since the Pixel 2 is a Google device, it will get Android security patches first.
- Bug Bounties: Device manufacturers will usually offer a cash prize for anyone who can find glaring weaknesses in their phone's software, effectively crowd-sourcing the process of discovering and closing security loopholes. With a higher bounty, people will generally be more motivated to find these bugs. Some companies invite only trusted bug reporters to earn a bounty (depicted as "Closed" in the above chart), while others will let anybody report bugs and claim the bounty (shown as "Open" here).
How We Chose These Phones
Our first requirement in choosing these phones was that they all had to be available for sale in the United States from a major carrier or from the manufacturer. Secondly, for a phone to make this list, it had to be encrypted by default to ensure that your data is protected against external access.
Another requirement was that the phones all offered granular permission management, which allows you to revoke an app's permission to access certain features like your camera and microphone. Then, to ensure that your data remains safe even when your phone is lost or stolen, we only selected phones with remote lock and wipe capabilities.
But what narrowed down this list was the hardware-assisted security requirement. Apple uses a hardware encryption chip to strengthen security, while the Android OEMs here use some variation of a hardware root of trust system. In effect, this means that there's a physical barrier between your data and any would-be attacker — while they may be able to hack the software, they'd need physical access to fully break the encryption, and even then it would be virtually impossible.
Popular phones that were lacking such a physical barrier include the HTC U12+, LG V35, LG G7 ThinQ, Moto Z2 Play, and Moto Z2 Force.
It's also worth noting that some of the phones which made our final cut had sibling devices that could've also been listed here — for example, Apple's older iPhone 7 models, Samsung's Galaxy S8 lineup, and the original Google Pixels. We left these devices off the list since there were newer and more future-proof models available in the iPhone X, Galaxy Note 8, and Pixel 2, but they're still solid phones from a privacy and security perspective.
From there, finalists were ranked based on how well the devices scored in the key comparison points above, and with that, the following phones rose to the top.
Phone 1: BlackBerry KEY2
On last year's list, the BlackBerry KEYone won our top spot for privacy and security. Thanks to its low price and the numerous BB10 security enhancements which it brought to the Android platform, it was easy to recommend this device for anyone looking to prioritize their security and protect their privacy.