With recent security and privacy issues resulting from the San Bernardino iPhone dispute, it’s a good time to learn more about encryption.
What is encryption?
Basically encryption is a method used to secure information stored on any electronic device. This includes data such as text messages, photos, emails, and documents on smartphones.
When data is “encrypted,” it means it’s in a scrambled format, which makes it unreadable for computers or people without a key (such as a PIN code or passphrase) to the device.
It’s actually more complex than simply requiring a PIN code – Apple for example, requires several pieces of information in order to access data within the device. In addition to a PIN code or a fingerprint required from the user, there is also a key embedded in the device’s processor (secure enclave), which is unknown to anyone.
Encryption on iOS
Apple only started encrypting their iOS devices during the release of iOS 8 in 2014. Prior to this version, certain data stored within the phone could still be accessed by Apple. An official warrant was later on presented to the company that prohibited them from accessing the data.
After the release of iOS 8, Apple is no longer able to bypass any iOS device’s lock screen and access data within the device, which was the issue surrounding the dispute between the company and the FBI.
Encryption on Android
Android first offered users the choice to encrypt their devices in 2011. This option was entirely up to the user, meaning manufacturers were not involved.
When Google released Android 5.0 Lollipop in 2014, the operating system had encryption enabled by default. However, it was still optional for phone manufacturers as it was not a requirement. Most of them disabled the setting and simply pointed to performance issues as the cause.
It was only until last year’s release of Android 6.0 Marshmallow that Google started requiring all manufacturers to enable encryption for all devices. There was still an exception for phones that were considered entry-level. Here is a more technical explanation regarding this exception.
With encryption enabled on Android phones all data is secured behind a PIN code, password, pattern, or fingerprint.