Is your iOS device secure?
iPhones and iPads are susceptible to many privacy and security threats. Making matters worse are applications that act like giant data vacuum cleaners – quietly suck up as much of your data as possible. Private data is collected and sent back to the parent company for analysis, storage and sale to third parties (browsing history, social media activity, physical locations, contacts, messages, etc.).
There’s also a growing security and privacy app industry. Unfortunately many of these apps are dangerous and invasive – such as free ad blockers that sell your data and partner with advertisers. There are also many free VPN (virtual private network) apps that contain malware, tracking, and other privacy threats – see the free VPN guide and the VPN Warning List for more information on these dangers.
But not to worry – there are good solutions that do not involve downloading a bunch of shady privacy apps.
This guide will show you how to make your iOS device as secure and privacy-friendly as possible with the following five steps…
Step 1: Delete those iOS apps
Given that most applications are harmful to your privacy, consider deleting everything that is not absolutely essential. Here are a few categories of apps that are especially problematic when it comes to privacy:
- Social media (Facebook, Twitter, Instagram, etc.)
- Games (Angry Birds, Words with Friends, Despicable Me)
- Weather (GO Weather Forecast & Widgets)
- Transportation (Uber, Lyft, etc.)
- Messenger/Photos/Chat (Snapchat, WhatsApp, QQ)
- Drawing/photo editing
You should consider most apps as potential privacy threats. With bad apps, you might not find out they’ve stolen your data or messed up your device until it’s too late.
So if it’s not absolutely essential to your life, just delete it.
Step 2: Encrypt your internet traffic with a good VPN
Virtual private networks (VPNs) are rapidly growing in popularity for a number of reasons. Mainly, they’re used as a powerful tool to encrypt and protect anything that connects to the internet, while also allowing people to bypass geographic restrictions and access blocked content.
When using a VPN on a mobile device, you have two options:
- Use a VPN app
- Use your iOS device’s built-in VPN configuration (recommended)
Built-in VPN configuration
I recommend using the built-in VPN functionality on your iOS device (instead of a VPN app) for the following reasons:
- It forces every internet connection on your iOS device (including all apps) through the VPN and is leak proof (with “Connect on demand” enabled)
- With a good VPN service, it will be very reliable and won’t crash all the time (like many VPN apps)
- Provides strong encryption and privacy protection utilizing the IPSec/IKEv2 encryption protocol
- Is generally less risky than downloading a third-party app
This is my preferred iOS VPN setup. I use it with Perfect Privacy VPN (review) with the “connect on demand” option enabled. All you need to do is import your VPN’s configuration files onto your iOS device and then enter your connection credentials. See this step-by-step guide from Perfect Privacy:
The built-in VPN configuration is easy to access and setup directly from your Settings area.
Your real-time VPN connection status will always be displayed at the top of the screen. I have found that having the “connect on demand” option always enabled does not significantly affect battery life or performance. Here I am testing the VPN connection on this IP test page.
If you would rather use a VPN app instead of the built-in VPN configuration, there are a few options.
iOS VPN apps
Using a good VPN app on your iPhone or iPad will be simple to setup and use, but it may not be as reliable as the built-in configuration. If you want to try an app, here are two iOS VPN apps that seem to work well based on my testing:
- VyprVPN for iOS – VyprVPN’s iOS works very well and allows you to control exactly which apps on your device go through the VPN (this is like a split tunnel feature).
- VPN.ac for iOS – VPN.ac is slightly more expensive than VyprVPN, but they offer many advanced security and privacy features.
Whichever option you choose, using a VPN on your iPhone or iPad is a very good idea for privacy and security. (Check out the Ultimate VPN guide for more background information on virtual private networks.)
Step 3: Block ads, tracking, and malware
Online advertisements are becoming more dangerous every month.
Recently there has been an explosion of malicious advertisements affecting all devices – also known as malvertising. Online ads are an easy attack vector for the following reasons:
- Most sites host ads that are fed in from untrusted third party domains
- Third party advertising domains can be hijacked to inject malware and ransomware into ads and onto your device
- No clicks are required – your device can be infected simply by loading the website
This growing problem is even affecting major websites such as the New York Times and BBC.
You basically have two options for blocking ads on your iOS device:
- Download an ad blocker app (such as Purify for about $2 in the Apple store)
- Use a VPN service that has a built-in ad blocker (such as Perfect Privacy with the TrackStop filtering feature)
I would recommend avoiding all free ad blocker apps, simply because free apps usually are collecting and selling your data (which is how they make money).
My personal setup is to activate the TrackStop filter to block all ads and tracking for every device that I use with my VPN. This blocks dangerous domains at the VPN server and does not require me to download any extra software or apps. It blocks:
- over 30,000 tracking and ad domains
- over 45,000 known malware domains
- over 20,000 phishing domains
To activate TrackStop on your iOS device (and all devices that connect to your VPN), simply access the member area, and then turn on the filter settings. (Note: you can also filter out social media domains, such as Facebook, which track your activity as well.)
Once activated, you will be protected whenever your device is connected to the VPN. Ads, tracking, and malware will be blocked at the VPN server – far away from your devices.
Step 4: Secure messaging
Governments, corporations, and hackers have been spying on SMS messages and listening to calls for years. The biggest messaging app is WhatsApp, which is owned by Facebook. Despite claiming to be “secure,” WhatsApp does not use end-to-end encryption and is plagued with known security issues.
So what alternatives do you have to secure your messages?
To secure and encrypt your text messages you could use one of the apps mentioned below. Unfortunately there is no simple app-free solution for encrypting all your text messages.
Signal is a great, free option that utilizes strong 256-bit AES end-to-end encryption. When you install Signal, it will integrate well with your iOS device and also utilize perfect forward security to protect your data. Signal’s code is also open source, which is good. (Signal download for iOS here.)
Threema is another great secure messaging option utilizing end-to-end encryption. It’s based in Switzerland and is a low-cost ($2.99) alternative for those seeking a more secure messaging option. You can download the iOS version and get started.
Step 5: Secure your iOS settings
For privacy and security, it’s a good idea to modify your default iOS settings. Changing these settings will greatly enhance the privacy and security of your device. Here’s what you can do:
- Disable fingerprint security with Touch ID. This is another privacy/security issue that can be used against you. Police in the United States have forced people to unlock phones with their fingerprints. You can disable this from Settings > Touch ID & Passcode > Phone Unlock (disabled).
- Modify the “Today” home screen widgets, which are accessible without a password. Simply go to your home screen, swipe to the right, then go to the bottom and select Edit. Delete everything that’s not absolutely essential from the unsecured “Today” screen.
- Set a strong password (six digits or longer). You can do this from Settings > Touch ID & Passcode > Turn Passcode On > Passcode Options.
- Stop location tracking and limit which applications can get your location. Go to Settings > Privacy > Location Services (double check which Apps you want to allow access to your location) and then > System Services > Frequent Locations (turn this off and Clear History).
- Enable the “Erase Data” feature to “automatically erase all date on your iOS device after 10 failed passcode attempts.” This is a great idea to keep your private data secure if your phone gets lost or stolen. Go to Settings > Touch ID & Passcode > Erase Data (at the very bottom – enabled).
- Review all data that is available to your applications. Go to Settings > Privacy and then double check everything. From the Privacy section, you can also go to the bottom and select Advertising > Limit Ad Tracking (enabled). This makes it much harder for companies to hit you with targeted advertisements.
Enjoy your secured and unrestricted iOS device!
Finished! Now you have a secured and protected iOS device that will also give you unrestricted access to the entire internet (thanks to your VPN service).
This setup gives you the following advantages:
- All internet traffic is encrypted, secured, and anonymized by going through your VPN configuration.
- You won’t have apps collecting your data (because all unessential apps were deleted).
- Advertisement, malware, and tracking domains are completely blocked at the VPN server level.
- If you need to use messaging or VOIP, all communications/messages will be secured with end-to-end 256-bit encryption.
- Your iOS settings will provide you with further privacy and security, with the recommended changes above.
Securing your iOS device is just one step to restoring your privacy. If you’re ready to go further, check out the Simple Online Privacy Guide for a total privacy solution.