Mobile Application For Securing Your PIN Codes And Passwords
In the fast growing IT world today it is normal to view people around with high education and at the same time there are others who indulge in the criminal activities. Since mobile phones have gone on the zenith of their glory, their theft is also gone parallel. To counter this, there's little users can do as there are no resilient security measures built-in in most of the phones in use nowadays. At most, users can apply PIN code, prompted at startup, to allow access to the phone menus. These types of measures can be breached fairly easily even at local shops that reportedly changed IMEI numbers as well!
So what can be done to safeguard personal and financial information - which could be bank account numbers, ATM PIN codes, NIC, passwords and other such sensitive information? First, avoid using cell phones to store such info under obvious names - for example, do not save 4554 as a saved message, reminder, note or a task having caption ‘My Bank ATM PIN'. If you can come up with a personal cipher, use it as adding 155 to every numerical value saved.Although not a very secure options, still it's better than straight give away. Or, if you really want to secure organised data, use a third party Java based encryption application employing industry standard encryption algorithms like, DES and AES.
First Application
First such application is Watchman, a 59K app. Access to this app is password protected and as this initial password is entry point to your secure data, makes sure you set it to something that is easy to remember but hard to guess. The app is divided nicely in manageable menus - Categories, Preferences and Change Password. Actual information resides under Categories. Under each category three distinct types of ‘Records' can be added.
First record is Credit Cart definition contains card name, PIN, card number, expiry, security code and a 100 character free text field called Observations. Second category is Login, having fields Item Name, Username, Password, URL and Observations. Third category is Text Note, much like a notepad on your cell, with a whooping 2000 character space to store any text you like. The ‘Preferences' menu lets you select inactivity time and action to take upon threshold minutes are passed, for instance, app can be locked or ended after two minutes of inactivity. Then there's all important max login attempt control. User can also define how many attempts are allowed after which the application exits, or delete all the saved data - reminiscent of Mission Impossible!
Then there's a straightforward help as well but it's not likely to be used in such a simple app. The only limiting factor here restriction of three categories with two records each. It is the only glitch of this otherwise fully functional tool, and one can still live with it as it translates to six distinct records, with possibility of saving multiple information under free form text note record given its 2K character limit.
Second Application
Second such tool is Secret Codes. It starts with a progress bar showing it's a bit heavy app. There's no password to open the application, but individual databases that reside inside it are individually password protected. This can be of use for those who want to keep shared information secret without having to worry which partner has the physical possession of the phone. A new database can be created using Options > New. Enter a name and a password. Press Options > Create. Database becomes ready and is opened automatically.
There are no records at the moment. Press Add to enter key and value pairs. These could be login / password, bank name and ATM PIN etc. User can add several such entries for each database thus keeping relevant info organised. There's an option of taking and restoring backup through cable attachment with a PC. With a very small size, 25 KB, and completely free, this is a great application for the security buffs out there.
Third Application
Third one is DazioAES, which is a similar app with 44 KB size and is categorised as a password manager. It employs AES encryption standard based upon Bouncycastle cryptography library. The first screen asks for password to be entered, leaving a newbie bewildered until Options > Help is selected to know the default password, which is 0000.
Next screen asks for email address, clear the default one and leave the field blank to arrive at main screen showing Element List. Go to Options > New. Enter Title, Username and Password. Press Options. Here, selecting Notes allows freeform text entry of up to 1024 characters. Finally, press Options > Done to save the ‘element'.
There is web-based synchronisation option (upload and download) but is not recommended as the password is also saved in the same application and allowing web-access can be a security risk. One of the strong points of this app though is password length. Max 256 character password can be applied.
All these apps are available at GetJar. Surf this site using PC to note the download code, which can be entered in the cell phone browser pointed at GetJar to save GPRS browsing and searching time. And you do not need to have any specialised cell phone OS like Symbian, PalmOS and WinCE, which means these apps are compatible with low-end Java enabled cell phones running native OS, just like Nokia 6030.
But remember, securing cell phones is also a matter of common sense and taking general precautions. Beware of e-banking statements - balance inquiries and statements - in your inbox. Also, turn off auto-save outbox feature to make sure your SMS banking PIN is not key-logged. In some cell phones with auto-saving off, last typed message remains in ‘compose message' screen until explicitly cleared. Make sure all such cache type data is removed promptly.
