The factory reset function of Android smartphones is supposed to delete all apps, files, and settings from the device and restore it to an out-of-the-box state. The process, however, is flawed and leaves a door to recover data. This is why we created the Secure Wipe app for our encrypted communication devices, Secure Phone.
Sometimes the only way you can guarantee a piece of information doesn’t end up in the wrong hands is to destroy it. Once upon a time, you had to use paper-shredders to do that. In the digital world, however, you probably don't want to shred your hard disc – afterall, you probably want to use it more than once. For that purpose, you have formatting. For regular users it has become a synonym of “permanent delete” but what it actually does is setting up the drive in the right file system format to record files. This reset of the system overrides all old data.
Factory-resetting an Android device works in a similar way. The phone reformats its drive, designating the old data on it as logically deleted. “Logically” is the key word here. It means that the pieces of data are not permanently erased, but writing over them has been made possible. For the average user, the two things mean practically the same. However, researchers from the Cambridge University’s Computer Laboratory have proven that on Android phones running versions of the OS up to 4.3 (which nowadays is one in five Android smartphones), user files are easy to recover after a factory reset even with off-the-shelf forensics apps.
How is Secure Wipe better than a factory reset?
Knowing the limitations of Android’s built-in factory reset function, Secure Group developed a superior method for its encrypted communications devices. Meet Secure Wipe – our proprietary purge-everything app available on both Secure Phone and Secure BlackBerry. What this app does is a deep formatting of your phone's local and external storage (as opposed to the quick format method described above). It gets rid of several things a regular factory reset wouldn’t:
- Personal data and metadata. This includes your account data, history, contacts, stored media, and all email folders such as inbox, outbox and sent messages. The wipe also purges all metadata logs, practically erasing every trace of any communication that happened via the device.
- Encryption keys. This is one of the trickier parts. If a regular Android device is encrypted and factory reset if performed on it, the encryption key will remain retrievable – which, in turn, will allow hackers to unlock the encrypted partitions later. Secure Wipe erases the key for good as well.
- Everything stored on an SD card in the device. A factory reset doesn’t touch external drives. Our app does. The presumption is that if you want everything on the device to be gone, this also extends to the card.
To put it in other terms, Secure Wipe takes no prisoners.
There are 10 ways you can wipe your Secure Phone
We decided to take the wiping concept a few steps further on Secure Phone. The usual way to wipe the device is when you go to the app, open it, and initiate the process. To do that, you need to have the device in your hands. But this is not always the case – what if it gets stolen? This is why we introduced ten different ways to wipe Secure Phone.
- Through Secure Wipe – the above-mentioned method via the app itself.
- Incorrect input of encryption password. When you turn off the device, it gets encrypted. Upon reboot, it asks you for the decryption password. If you type it wrong a predetermined number of times, Secure Phone will wipe.
- Incorrect input of lock device password or PIN – same as the above, but in the case when the device has just been locked and not shut down. A number of wrong inputs will wipe the Secure Phone.
- Via Duress wipe. This is a way to wipe your phone intentionally directly from the lock screen. Imagine someone forces you to unlock your device, and you have no choice but to comply. You can enter the duress password, and all the data on the device will get wiped.
- When changing devices. You can switch one Secure Phone for another and use the same account. As soon as the enrollment process for the new device is over, the old one will wipe.
- Remote wipe through Secure Email. The latter is part of our encrypted communications apps suite, which comes preinstalled on Secure Phone. You can set it up so if the phone receives a message containing a specific wipe password, the device will wipe. You can send such a message to the phone yourself, or have a trusted contact do it.
- Remote wipe via Secure Chat. Same as the above but through our proprietary encrypted chat app.
- Wipe through Secure Manager. This is the billing and account management platform that our distributors use. They can also wipe devices under their management through it.
- Wipe through the Secure Administration System (SAS). This mobile device management (MDM) platform which controls every aspect of Secure Phone. It could also be used to initiate a wipe.
- Self-wipe in the case of server connectivity loss. Secure Phone is designed to sync periodically with SAS. If the device fails to sync with the platform, this may mean it has been stolen and put in a special container which blocks outside communications (used by attackers to prevent remote wipe attempts). In this case, Secure Phone will wipe itself after a certain number of failed syncs.