Setting up a Secure Phone: A Complete How-To Guide for Privacy Paranoids and Whistleblowers (2021) | EFANI Setting up a Secure Phone: A Complete How-To Guide for Privacy Paranoids and Whistleblowers (2021) | EFANI

Latest news

Discover the latest from our blog

Setting up a Secure Phone: A Complete How-To Guide for Privacy Paranoids and Whistleblowers (2021)

While many attempts were made to build the most secure phone, the majority of them ended up a flop. It’s super expensive to build the hardware software and then market it. There’s a reason why we have a monopoly of Android and Apple because it’s a super tough business. Does that mean Android and iOS are both safe? Heck no! This article will explain how you can secure your devices – either Android or iPhone.
Both of the devices have inbuilt issues, those issues will be addressed here step-by-step.
Your “unsecure” device is a lottery to hackers. It is a loophole or a result of compromised privacy where the hackers find a crack to enter in as a rabbit.

    • The conventional device encompasses dozens of personal information – from auto-fill credit card details to passwords;


    • CAs an average gadget dependent individual, we all are relying on our smartphones for everything – from ordering Uber, to online shopping, communication, etc.;


  • Surprisingly, despite everything we are not securing our device while recognizing the cyber risks.

Such considerate lapses make us easy hacking prey. To avoid falling to such vicious attacks, consider these security tips to make your device more secure.

Educate – Open Source vs. Closed Source

iOS is deemed to be more secure than Android. Well, when it comes to privacy and security, (even the closed-source technology might be a victim to hacking) for instance, Apple’s older version iOS 11 was cracked in 24 hours (after its launch). Does that make Android safe?

Android devices are reciprocal, dependent on open-source code. The loophole is exacerbated by the tinkering process by the phone owners. The manufacturing permission allows the manufacturer to modify Android’s operating systems. Hackers thank them for this, furthermore, YOU for not knowing this before them.

The code is easily modified on Android. In mirror to, the fragmentation of an iOS operating system is by a host of companies. The (iOS) device manufacturer ensures the base OS that is not open to malicious interference.

Although iOS is pretty secure, that should not create an impression to disregard the myriad of threats (it has to your data security). Hackers do not see how strong or weak the portal is to trespass it – they just trespass. iPhone 11 was certain with its “confirmed” security launch, but mid-term (July) report 2019 revealed shocking patterns of malware developers aiming to deploy malicious variants to exploit the “promised” security features of iOS 13.

How to get a secure phone – Android?

Modern devices are the new frontier or incentives of data breach incidents. Malware is infectious where it could be possible through installing an unauthorized application without any reviews, clicking on the doubtful email (phishing), or simply via SMS. Normally, malware takes forms in ransomware, trojans, spyware, and worms.

Red Flags – Regular Android Security Threats

Modern devices are the new frontier or incentives of data breach incidents. Malware is infectious where it could be possible through installing an unauthorized application without any reviews, clicking on the doubtful email (phishing), or simply via SMS. Normally, malware takes forms in ransomware, trojans, spyware, and worms.

1. Man-in-the-middle attacks – it is a three-way play: the victim; correspondent who the victim is communicating to, and the whistleblower (or interceptor). As you can get, the interceptor is using your live information.

2. Trojans – stealth malware disguised as verified software. They are on the verge of tricking you and at this stage, you should know how to spot and implement the right strategy. If you let them in, then .

3. Ransomware – this is where your device is locked so your precious information is encrypted. They demand payment to unlock your device (just like a kidnapper) or to revert your data back to you at a predetermined cost. Attackers trick you via social networking schemes, bogus texts, pop ups, embedded viruses etc.

4. Insidious Keyloggers – software that records keystrokes, they record your information while you are typing.

5. Adware – pop-up advertisements displaying on your device, from more sophisticated to modest or simplest version. It may contain some malvertising code to eat your device by implanting pop-ups. 6. Spyware – hacker’s spies on you here – remotely, recording your information.

The Operating System

The Operating System

There has reportedly, or figuratively, layers of protection in an Android’s OS that determines or adds value to its security. There is a default function to “allow” or “block” a certain action. This permission function is vulnerable to malware because it is open-source. This greater flexibility is a cause of such vulnerabilities, where an adjustment is needed to secure your device. These useful security settings help you serve the internet or download the content safely. Android comes with brilliant lock your device options such as Trusted Places, Trusted Voice Recognition, Trusted Face, and On-Body Detection.

Just rely on authenticated source. Android is available to many – this opens the hacker’s portal. This does not mean that iOS users are not attractive targets for cybercriminals. Both of the device users need to be vigilant when downloading third-party applications that are a door to viruses or malware. Google Play Store suffices.
  • Standard Security Settings include Google Play Protectand On-device encryption.

Let’s check the “by-default” Security Settings. The most notable example is Google Play Protect (for malware protection) and on-device encryption. The first one helps you get rid of malware, such as their Play Protect scan apps (available to be downloaded from the Google Play Store) ensure malware-safety content. This also recognizes and removes malicious applications before they are ready to download in your device.

So, whatever app is developed, it passes from the vetting stage on the Google Play Store, where the Google Play Protect scans your applications (by default) for malware prior to or post installation.

Secondly, Google Play Protect limits jailbreaking incidents, this means downloading unauthorized applications from unauthorized platforms. A rogue application can infect your Android OS. Android’s popularity opens the development of new applications, probably designed to infect your holy Android from unknown sources.

The need for safe browsing using Google Chrome – helps protect you against malware/ phishing content – perhaps unknown sources. Android OS provides prevention from malicious (unknown) or cryptic downloads. The later, on-device encryption is another default security feature of an Android System. To reap the benefits of the encryption, you need to lock your Android with a password, PIN, or a pattern. Once locked, the 256-bit AES standard encryption is working as a safeguard to protect the stored data on your device.

Basic Android Security Settings

This is something hackers don’t expect you to have in place – let’s disinfect these pests. At the very basic level it includes:
  • A good password
  • Two-step verification
  • Find My Device tool

How to set up your password?

Conventionally, a PIN works or password are locking methods of an Android. The best layer of protection you could add is to set up a perplexing, complex, unique alphanumeric password with a combination of uppercase and lowercase letters, numbers, symbols. These two links are extremely helpful: and

How does two-Step Verification or the 2FA work?

This means needing two different codes from different sources. An SMS based 2FA means a code is sent to you via text, this means the code when you enter on the account password bar, then will you get access.

This prevents hacking because the culprit doesn’t have access to your SIM. You must be thinking, “Hey! What if they hack my SIM?” I have an option for you, you can enjoy your safety with America’s Most Secure and Private phone plan with a 100% money-back guarantee for 60 days. In order to set up a 2FA, simply go to your Google Account’s Security > Sign in > Enable 2-step verification.

Is it necessary to opt to find my device?

Yes. Losing a device is an unwelcome circumstance, you never know when would it fall in the wrong hands. This tool is a primary back-up plan suggested to every Android user – as this tool keeps your valuable data safe. It is designed to keep you worry-free when unexpected circumstances take place.

How is “Find My Device” lifesaver and how to enable it?

Sign in to your Google account, with your location turned ON, while you get in your account, please go to settings > security > Find My Device – toggle it ON, please.

Advanced Android Security Settings

Fingerprint Unlock

The fingerprints sensor offering secure authentication as well as protection than passwords. Settings > Lock screen and security > Screen lock type > fingerprint.

On-body detection

It is unlocked only when it is in your hands, otherwise it automatically locks, but it is unable to detect once passed to another human.

Trusted Places

It is configuration where the device remains unlocked where you want them to be unlocked (for instance, home; or regular workstation).

Trusted Face Recognition

Facial recognition is considerate and is available on Android’s Smart Lock suite. It is advised not to use 2D or 3D sensing-camera, as it could be easily recreated.

Trusted Voice

As the name suggests it can only be open when a trusted voice is heard by the device. Here is how to opt it – Settings > (Smart Lock can be found under settings and should be on) > security > Advanced > On Body Detection/Trusted Places/ Trusted Face Recognition/ Trusted Voice/ Trusted Devices can be on as per your choice.

Additive Security Layer – Pro Android Security Settings

Now, let’s add more security layers in terms of – physical security key; disable Bluetooth connectivity; password managers; authenticator app; lockdown mode; VPN; Smart Lock/ Auto Sign-In.

Now, let’s add more security layers in terms of – physical security key; disable Bluetooth connectivity; password managers; authenticator app; lockdown mode; VPN; Smart Lock/ Auto Sign-In.

Physical Security Key

A security key means you and your trusted individual only. If someone breaks into your account, they cannot get in due to the security key. What does it look like? A teeny-tiny flash drive, portable, allowing you to save your precious authorized data.

Disable Bluetooth Connectivity

Don’t trust your Bluetooth connectivity in public, because it gets your device connected with someone unauthorized.

Password Manager

Like LastPass ‘vault’, Dashlane, 1Password works well, keeping your password organized and safe from hackers. They also help you save complex passwords and even work with your fingerprint.

Authenticator App

Instead of 2FA sending you SMS codes, this app helps generate more unique code on your device and not relying on your SMS only (even if an eavesdropper encrypts it).

Lockdown Mode

Android 9 users are blessed to activate this mode where your device will be locked and won’t be accessed even with your fingerprint scanner, and Smart Lock will not be working. Hold down power button and select lockdown


Using a public (coffee shop or airport) Wi-Fi is a sin but you may be tempted to use it and surf the web. VPN encrypts online activities. Trust me, it saves you from eavesdroppers or hackers. In the Android world, you can use:

Smart Lock

Use it on and off. Keep updating or off it when not auto-fill is not needed. This is because hackers could take benefit of it. Security > Sign in > Saved Passwords > Toggle On/Off per need.

How to get a secure phone – iPhone?

Like every clockwork, every year a new iPhone is launched with a new iOS for the pre-existing models. This is a great excitement for users – as well as – hackers.

Recently, a renowned hacking team has launched a new “jailbreak” technique that unlocks every “walled garden” iPhone – even the latest iOS 13.5. New features help to minimize cyber risks. Here are some tips to do so:

On your automatic iOS updates

Updating OS is important, as these address software (past) weaknesses. A specific code by a hacker can target this vulnerability, if you don’t frequently update your operating system. You can auto-on it:

Go to Settings > Press general > Tap software update to turn on automatic updates

USB Restricted Mode

This prevents juice jacking. At simplest, it means when you can install a malware or information could be stolen by plugging in an USB port. You can on it by:

Go to settings > Scroll down to Touch ID & Passcode > Please type in your passcode and scroll further down to USB Accessories not permitted on the lock screen > Turn it off in case it is on.

Toggle on built-in Find my iPhone

This is a tracking software that uses GPS to locate a stolen phone. The activation lock prevents hackers from using your iPhone and to gain access to your useful data. If you want to get a hold of it, use your Apple ID and password because without it a hacker cannot turn off your Find My iPhone feature. You can enable it by:

Go into your settings > User name > iCloud > Scroll down to Find My iPhone > Turn it on and activate it to send your recent location > Since you are asked to login, use your Apple ID here.

Get rid of specific widgets in your lock screen

Widgets is a shortcut to features like Wi-Fi, wallet, Bluetooth, and camera, since it is part of iPhone lock screen hackers can swipe up your personal information. To disable you can: Toggle on to settings > control center or Toggle off those widgets that you do not want in your lock screen.

Make yourself habitual of VPN while using public Wi-Fi

It allows you to serve the internet safely while using coffee shop Wi-Fi or airport Wi-Fi.

Privacy settings bi-weekly or periodic monitoring

Audit your iPhone where you would want to delete unwanted applications that consume more space. Most notably, you can find an email regarding changes in privacy policies, keep a close eye to it. You are just two clicks away from privacy – go to settings > tap privacy. You can revise the permitted applications and revoke them where unnecessary.

Unique passwords

Make unique alpha-numeric passcodes, a password generating tool can help. Instead of auto-filling it (by saving the information) you can write down the unique password on paper for future use. You can set the passcode by: Going to settings and Touch ID & Passcode > Enter Passcode > You can select a custom numeric code or generate it online and type here (while writing it down on a piece of paper).


It adds a second layer to your privacy and security. You can either choose a PIN, password, or pattern. You can opt for fingerprint or similar biometric authentication. Thirdly, you can opt a credit card, phone, USB token as an additional identity verification. You can follow the prompts after: Sliding to settings > Press on your name, and go to Password & Security > Scroll down to find 2FA and turn it on.

Choose Auto-Lock

You can limit the screen activity time by opting auto-lock, click on settings > Scroll down to general button > Select Auto-Lock.

iOS 12 feature: Password Audit

As the name suggests, it asks you to frequently change your pre-used passwords. It is hefty work to select an alphanumeric or unique password for each account, the rule is least followed. This feature helps to manage your password in an easier manner. The stored passwords will be audited to spot any of the repeated patterns. The report will let you know. You can opt to audit or change your reused passwords: Settings > Passwords & Accounts > Look up for Website & App Passwords > Click it to enter your passcode > A red “warning” triangle will let you know if duplicate password > You can then revise it using password generating tool.

Backup encryption is needed

We back-up our business chats regularly, we pay less attention to encryption. If you encrypt your valuable back up data, it will reduce the vulnerability to hacking. The best encryption is to connect it with iTunes, which can encrypt your backups. This also allows you to maintain a separate password for this encryption.

Connect your device to open iTunes > The Backup section contains the “Encrypt iPhone Backup” option, click it to create a separate password.

Do not share location information

iOS 13 allows you to limit image location metadata, to enable it when you share your image click on option, where you can see location option, toggle it off or deselect it.

Turn off Siri

As talkative Siri is she can pass on your data to hackers without your permission, she asks for verification to get access to sensitive information but hackers are smarter and can fool around Siri. Settings > Touch ID & Passcode > Turn off the allow access when locked option.

Auto-fill should be off

This is the easiest way for hackers to get access to your information. To disable it please visit your settings > Safari > Autofill > disable each permission.


This guide was to educate you with the approaches of being highly private and have a secure phone when you are a journalist or associated to such profession where leaks are common and can cost you your life. To be open, the above links were not just shared for some traffic generation or affiliation; they are here because they are accurate and give you a vast overview of what to expect, and how to compete with it.

Today SIM hacks are very common even among the famous ones like Jeff Bezos, or the celebs like Amanda Cerny or King Bach. Thanks to the services of Efani for providing military grade protection , and above and beyond services! Even I as a writer is following the above the guide as a result of my research for being as secure as I can because you never know what to expect or who’s watching you.
solution efani

What Did I Miss?

Oops. I forgot to tell you that Efani is so secure that it provides military grade protection and you can have a relief when you get our network! And if I missed something else or if you may have any suggestion, let us know in the comments. Thanks for reading!