You’ve probably heard a lot of people talking about online security measures. I’ll cut it short. But first, let me tell you that these are things people are still figuring out. Some people don’t even know about them. What I want here is for everyone reading the blog to be aware that they might need a revamp on mobile or desktop.
Where the debate starts
When the internet wasn’t around, the most obvious thing to think about in terms of security, besides homes, was your bank. That is still true, but there are a number of engineered systems that invade those realms which we like to keep private. Our financial health might be at display, as well as our personal items and behavior when we’re alone.
One way to think about it is that social media became more or less of a home. They even designed the “home” button on browsers and apps, as well as phones. For a whole generation, home will be synonymous with the act of clicking on the reset screen on your device. But if you configure access to third parties, when logging into a different website, you might see prompts by Google and other media companies.
The gist of it is that finding out ways to stop these other people, whose ability to manipulate personal data you’re unaware of, from gaining access to your secrets and conundrums might be a good idea. Another point of view is that to get as much help as you need (or that which you can) might contribute more.
What about specifics?
The tools created for protecting people in the digital world don’t go just as far as third-parties, meaning companies. We know there are several bad actors online. I could say the experiment on Tinder, or even an app like Wink (gaining increased popularity, but beaten by South Korean and Chinese giants), might give you a glimpse. But that is not what user experience specialists believe: they want data to be representative.
How, then, do we secure our communications and avoid disturbances, from a software point of view as well as social and behavioral, mental health wise and so on? Two solutions are Two-Factor Authentication and biometrics. The former assures users that only they can have access to their accounts, on their own devices (but is there tracking?); the latter mixes up elements of banking and verification on socials, increasingly common (but at what point do companies control that?) — and you might face some challenges in setting these things up.
This blog has alluded to some concerns over web security many times in the past, in Portuguese too. One of them resulted on a mention by someone in the Chamber of Congress, over a podcast entitled “Talks about the Future” (8:29).
2FA as part of online security measures
The idea is that you receive a code via SMS to make sure that only through an authorized device will it be possible to access whatever account you set up. The problem: ISPs have a hugely exploitative business model, which makes people pay for speeds they’re not getting, besides floods of spam.
If you don’t have a career plan, you may lose your number altogether, because of a lack of payment, in the pre-paid systems. And then, if you set up 2FA thinking this would protect you, that could mean losing access to an account forever, unless you have the luck to find good customer support, which is, absolutely, able to reverse 2FA remotely.
This alone should make you question a lot of things. Also, if you choose a specialized application, such as Google Authenticator, you should never reset your phone to factory mode, or you’ll lose everything you have saved in there, and not having a second option of 2FA will leave you locked out permanently. Again, customer service could be kind to help, but demand is high.
Biometrics as part of online security measures
We all know that our frontal cameras are not exclusively for selfies anymore — and we knew this from the beginning. It turns out, as we navigate the “adult world”, that biometrics are the most advanced tool that there is to prove you’re a legit user. And so, if your phone gets stolen and your lock screen was biometric, that means good news for you, but bad news for the one who stole it. A PIN code or a pattern could be recorded on camera, through the use of illegal apps.
What some users have faced is a problem with their frontal cameras. Even in the most modern phones, there’s just one of them. So in case something happens to your phone’s security, for a myriad of reasons (from data shared to permissions to compromised accounts to closed phone numbers whose activity is deemed suspicious to a crack on the screen or dust near the movement sensor), you might not be able to access your bank account. You might not be able to verify yourself on a new app. And guess what, you might not be able to take a selfie or post stories every day.
While some of these problems may seem minor, biometrics have been debated extensively by groups of people concerned with the state of surveillance in worldwide domain. If you’re from a poor background and you’re asked to wink to confirm that you’re you in the process of opening a bank account, be wary of the that. Also, don’t underestimate surveillance power and app oversight: these are private companies whose main interest is your personal data, in order for them to make profits.