How to Fix the Flawed Android Factory Reset before Selling the Phone
Researchers from Cambridge university just found out that they will be able to recover data on a wide range of Android smartphones, even if a factory data reset on them is performed. For an operating system that is ran in over 500 million devices, and that many users, is a shocking fact. This is so bad a flaw, that the information including login credentials, text messages, e-mails, and contacts can be recovered even if they are wiped using data reset feature.
Well, we also talked about data encryption on Android devices. But shockingly again, the researchers group mentioned that a full disk encryption doesn’t ensure security of the data, and data can still be recovered. If you have been someone boasting about the recent security options in Android, you probably would be the most disappointed.
This is something to worry about if you are selling your smartphone to someone, and you had used this phone as your primary one, logging into all accounts and having a lot of important files and pictures.
But, until Google does something to fix this up, there is one way users can ensure that all the data is gone, in a way that it cannot be recovered later by anyone else.
How to completely remove data to make it inaccessible
You need to encrypt the data on your smartphone before performing the factory data reset, if you are planning to remove the data completely and don’t wish to recover it in any way, although recovering would’ve been possible only for experts and not for everyone.
Go to Settings > Security settings and you’ll find the option of encryption there. Read our Android Encryption guide to know more about it and find the right way to do it.
Researchers have been finding iOS to be harder to get into, thanks to the encryption done by the iPhone, using Secure Enclave measure which encrypts and decrypts the data, and makes it harder for even the much experienced attackers to get into it and steal the data. On the other hand, Android has an encryption but that is not a private one, and the algorithm is known to public, thus only if the factory data reset is done after the phone is encrypted, then the data is permanently removed from the device.