Is your iOS device secure and protecting your privacy?
iPhones and iPads are susceptible to many privacy and security threats. Making matters worse are applications that act like giant data vacuum cleaners – quietly suck up as much of your data as possible. Private data is collected and sent back to the parent company for analysis, storage and sale to third parties (browsing history, social media activity, physical locations, contacts, messages, etc.).
There’s also a growing security and privacy app industry. Unfortunately many of these apps are dangerous and invasive – such as free ad blockers that sell your data and partner with advertisers. There are also many free VPN (virtual private network) apps that contain malware, tracking, and other privacy threats – see the free VPN guide and the VPN Warning List for more information on these dangers.
But not to worry – there are good solutions that do not involve downloading a bunch of shady privacy apps.
This guide will show you how to make your iOS device as secure and privacy-friendly as possible with the following five steps…
Step 1: Delete those iOS apps
Given that most applications are harmful to your privacy, consider deleting everything that is not absolutely essential. Here are a few categories of apps that are especially problematic when it comes to privacy:
- Social media (Facebook, Twitter, Instagram, etc.)
- Games (Angry Birds, Words with Friends, Despicable Me)
- Weather (GO Weather Forecast & Widgets)
- Transportation (Uber, Lyft, etc.)
- Messenger/Photos/Chat (Snapchat, WhatsApp, QQ)
- Drawing/photo editing
You should consider most apps as potential privacy threats. With bad apps, you might not find out they’ve stolen your data or messed up your device until it’s too late.
So if it’s not absolutely essential to your life, just delete it.
Step 2: Encrypt your internet traffic with a good VPN
Virtual private networks (VPNs) are rapidly growing in popularity for a number of reasons. Mainly, they’re used as a powerful tool to encrypt and protect anything that connects to the internet, while also allowing people to bypass geographic restrictions and access blocked content.
When using a VPN on a mobile device, you have two options:
- Use a VPN app
- Use your iOS device’s built-in VPN configuration
Built-in VPN configuration
Using the built-in VPN functionality on your iOS device (instead of a VPN app) offers the following benefits:
- It forces every internet connection on your iOS device (including all apps) through the VPN and is leak proof (with “Connect on demand” enabled)
- With a good VPN service, it will be very reliable and won’t crash all the time (like many VPN apps)
- It provides strong encryption and privacy protection utilizing the IPSec/IKEv2 encryption protocol
- It is generally less risky than downloading a third-party app
Two great VPN services that support the manual configuration on iOS devices using the IKEv2 cipher are:
All you need to do is import your VPN’s configuration files onto your iOS device and then enter your login credentials. See this step-by-step guide from Perfect Privacy:
The built-in VPN configuration is easy to access and setup directly from your Settings area.
Your real-time VPN connection status will always be displayed at the top of the screen. I have found that having the “connect on demand” option always enabled does not significantly affect battery life or performance. Here I am testing the VPN connection on this IP test page.
If you would rather use a VPN app instead of the built-in VPN configuration, there are a few options.
The one drawback with using the built-in VPN configuration is that it is more difficult to setup than simply installing a VPN app…
iOS VPN apps
Using a good VPN app on your iPhone or iPad will be simple to setup and use, but it may not be as reliable as the built-in configuration. If you want to try an app, here are two iOS VPN apps that seem to work well based on my testing:
- ExpressVPN for iOS – ExpressVPN has some of the best VPN mobile apps in the industry. They are secure, user-friendly, and offer the excellent performance. The support is also top-notch with 24/7 live chat and a 30 day money-back guarantee.
- VyprVPN for iOS – VyprVPN’s iOS works very well and allows you to control exactly which apps on your device go through the VPN (this is like a split tunnel feature).
- VPN.ac for iOS – VPN.ac is slightly more expensive than VyprVPN, but they offer many advanced security and privacy features.
Whether you choose to go with the built-in iOS VPN settings or a simple and user-friendly iOS VPN app, either option will help to secure your connection and give you more privacy.
Step 3: Block ads, tracking, and malware
Online advertisements are becoming increasingly dangerous.
Recently there has been an explosion of malicious advertisements affecting all devices – also known as malvertising. Online ads are an easy attack vector for the following reasons:
- Most sites host ads that are fed in from untrusted third party domains
- Third party advertising domains can be hijacked to inject malware and ransomware into ads and onto your device
- No clicks are required – your device can be infected simply by loading the website
This growing problem is even affecting major websites such as the New York Times and BBC.
You basically have two options for blocking ads on your iOS device:
- Download an ad blocker app (such as Purify for about $2 in the Apple store)
- Use a VPN service that has a built-in ad blocker (such as Perfect Privacy with the TrackStop filtering feature)
- Install an ad blocker extension on your mobile browser
You can try out the different options to see which one works the best for your unique situation.
If you go with TrackStop filter, all ads/tracking/malware domains will be blocked at the VPN server level when you are connected through the VPN. This is great as it keeps dangerous domains far away from your device, since it is a server-side feature. TrackStop blocks:
- over 30,000 tracking and ad domains
- over 45,000 known malware domains
- over 20,000 phishing domains
Think of every ad as a digital surveillance camera and protect yourself accordingly.
Step 4: Secure messaging
Governments, corporations, and hackers have been spying on text messages and listening to calls for years. The biggest messaging app is WhatsApp, which is owned by Facebook. Despite claiming to be “secure,” WhatsApp does not use good end-to-end encryption and is plagued with known security issues.
So what alternatives do you have to secure your messages?
To secure and encrypt your text messages you could use one of the apps mentioned below.
Signal is a great, free option that utilizes strong 256-bit AES end-to-end encryption. When you install Signal, it will integrate well with your iOS device and also utilize perfect forward security to protect your data. Signal’s code is also open source, which is good. (Signal download for iOS here.)
Threema is another great secure messaging option utilizing end-to-end encryption. It’s based in Switzerland and is a low-cost ($2.99) alternative for those seeking a more secure messaging option. You can download the iOS version and get started.
You can see other secure messaging apps on the privacy tools page.
Step 5: Secure your iOS settings
For privacy and security, it’s a good idea to modify your default iOS settings. Changing these settings will greatly enhance the privacy and security of your device.
Here are a few changes to enhance your privacy:
- Disable fingerprint security with Touch ID. This is another privacy/security issue that can be used against you. Police in the United States have forced people to unlock phones with their fingerprints. You can disable this from Settings > Touch ID & Passcode > Phone Unlock (disabled).
- Modify the “Today” home screen widgets, which are accessible without a password. Simply go to your home screen, swipe to the right, then go to the bottom and select Edit. Delete everything that’s not absolutely essential from the unsecured “Today” screen.
- Set a strong password (six digits or longer). You can do this from Settings > Touch ID & Passcode > Turn Passcode On > Passcode Options.
- Stop location tracking and limit which applications can get your location. Go to Settings > Privacy > Location Services (double check which Apps you want to allow access to your location) and then > System Services > Frequent Locations (turn this off and Clear History).
- Enable the “Erase Data” feature to “automatically erase all date on your iOS device after 10 failed passcode attempts.” This is a great idea to keep your private data secure if your phone gets lost or stolen. Go to Settings > Touch ID & Passcode > Erase Data (at the very bottom – enabled).
- Review all data that is available to your applications. Go to Settings > Privacy and then double check everything. From the Privacy section, you can also go to the bottom and select Advertising > Limit Ad Tracking (enabled). This makes it much harder for companies to hit you with targeted advertisements.
Enjoy your secured and unrestricted iOS device!
Finished! Now you have a secured and protected iOS device that will also give you unrestricted access to the entire internet (thanks to your VPN service).
This setup gives you the following advantages:
- All internet traffic is encrypted, secured, and anonymized by going through your VPN configuration.
- You won’t have apps collecting your data (because all unessential apps were deleted).
- Advertisement, malware, and tracking domains are completely blocked at the VPN server level.
- If you need to use messaging or VOIP, all communications/messages will be secured with end-to-end 256-bit encryption.
- Your iOS settings will provide you with further privacy and security, with the recommended changes above.
Securing your iOS device is just one step to restoring your privacy. If you’re ready to go further, check out the Simple Online Privacy Guide for a total privacy solution.