A Brief History of Cell Phone Security
A decade ago, mobile devices were considered relatively safe from malware attacks, with PCs representing primary targets for hackers. Today, with smartphones nearly universal, thieves have turned their sights on mobile users. McAfee Labs detected 16 million mobile malware incidents in the first quarter of 2017, including 1.5 million new incidents. Ninety-four percent of companies anticipate that mobile attacks will increase, a Dimensional Research survey found.
But prior to the current wave of malware attacks, cell phones were already being targeted by thieves using other attack methods, from the earliest days of mobile phones. Here’s a look back at how cell phone security has developed over the years.
Voicemail PIN Numbers
IBM employee Stephen Boies developed the first voicemail prototype in 1973, a system called the Speech Filing System that predated the rise of smartphones. The term “voicemail” was first used in 1980 by Televoice International (later Voicemail International), whose co-founder Paul Finnigan had first left a voicemail message on an Apple II desktop computer in 1978. In 1979, former Texas Instruments employee Gordon Matthews filed a patent for another voicemail system called Voice Message Exchange. During the 1980s, voicemail grew popular. Voicemail was in widespread use by the time cell phone use became widespread in the 1990s.
From the beginning, voicemail was vulnerable to hackers. To access voicemail messages, the phone owner would need to dial into a number and then enter a PIN number to verify his or her identity. Most phones came with a default PIN that was easy to guess, leaving it up to the owner to change the number to a more complex one. This made it easy for hackers to call up a phone owner’s number and guess the PIN.
Unfortunately, consumers continue to use easy-to-guess PIN numbers, typically 1111 or 1234, a Cambridge University Consumer Laboratory study found. To create a more secure PIN, choose a random number that is not a sequence of keys adjacent to each other and is not a number such as your birthday that can be guessed from ID cards in your wallet. To remember a random PIN, use the first letter of each number to spell out a phrase you can recall.
Caller ID and Blocking
Caller ID is another security technology cell phones inherited from traditional landlines. SITA communications engineer Ted Paraskevakos began developing the first caller ID technology in 1968. The first prototype was built in 1976. Consumer trials began in 1984, and by the late 1980s, telecommunications companies were offering caller ID.
Mobile phones initially did not support caller ID, but providers such as Alltel began offering caller ID features for wireless phones as early as 2007. Blackberry introduced Truecaller caller ID services in 2009. In 2012, Android added enhanced caller ID apps that combined phone number and social media information.
Caller ID can help protect call recipients from scam artists, but it can also expose callers to security vulnerabilities, such as when calling someone just met on a dating site who might be a potential stalker. To protect caller anonymity, landline providers quickly followed up caller ID with caller ID blocking, which is now available for cell phones as well. T-Mobile’s website provides instructions on how to block a number from appearing when you call on an iPhone or Android device. For most devices, you may be able to block your number by default in your settings. Otherwise, you can dial *67 before dialing the number you wish to call.
Phone Unlocking Features
Mobile phone manufacturer Neonode invented the idea of swiping to unlock screens in 2005. In 2009, Android 2.0 introduced a new lock screen that was controlled by gesture, rather than by pressing the phone’s menu button as with previous versions. Apple’s 2011 iOS 5 update gave iPhone users the ability to access the phone’s camera directly from the lock screen by sliding after double-clicking the home button.
Lock screens could potentially be unlocked by any user with a finger, so for stronger security, mobile phones began supplementing them with other unlocking features. Apple initially required 4-digit passcodes for unlocking iPhones, but these were too easy to guess, so with the 2015 iOS 9 update, Apple increased the default passcode length to six digits. Pattern locks and fingerprint scans added additional layers of security. Most recently, smartphones have begun using other biometric authentication methods. Qualcomm’s latest Snapdragon processors use the Haven security platform, which supports user authentication through iris and facial recognition, in addition to using artificial intelligence for hardware-based malware detection.