Can a mobile phone battery track you?
Authored by a Symantec employee
With this little known exploit, a mobile phone’s battery life can actually be used to track online behavior. Security researchers have found that the battery status API of mobile devices can be used to track people online. In some instances, this can be used to upsell services purchased through a mobile app, ride sharing “surge pricing” for example. How else can this be used? Here’s what you need to know about the privacy and security issues raised.
Safety for every device.
Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.
What is the Battery Status API
The Battery Status API was introduced in HTML5, and this was intended to give site owners information so that a version of websites designed for users on low power devices could be served. This API “allows site owners to see the percentage of battery life left in a device, as well as the time it will take to discharge or the time it will take to charge, if connected to a power source” according to a news report on the research.
This is all seemingly harmless information. But as the security researchers pointed out, the combination of battery life as a percentage and battery life in seconds creates a pseudo identifier for each mobile device. That is, if the device can be identified from one out of 14 million possible combinations.
An Ad Blocker or a VPN cannot prevent someone from taking advantage of the battery status API to identify you and track the sites you visit. However, there is some degree of safety in numbers -- you’re one of 14 million possible computers.
It isn’t precisely known if website owners, whether an advertiser or company, are actively using or tracking information from the battery status API. As the story develops, privacy or security implications can be better known. Want to learn more about protecting your mobile privacy and security? Read on for a few best practices.
Mobile Security Best Practices
- Download apps from official app stores.
Third-party app stores may not put apps through the same rigor as official app stores such as the Google Play Store or Apple’s App Store.
- Avoid connecting to public wi-fi from your mobile.
An unsecure Wi-Fi hotspot could put your mobile data at risk.
- Check an application’s settings before you download.
Beware of apps that ask you to disable settings that can make your device security vulnerable or allows access to data on your phone’s memory that can compromise your privacy.
- Use a reputable mobile security app.
Norton Mobile Security scans apps before you download using App Advisor (powered by Norton Mobile Insight) which automatically lets you know about malware, privacy and other risks. This proactive protection also includes lost or stolen device recovery that set off an alarm to find it fast, or see the location of your missing phone or tablet on a map.
Don’t wait until a threat strikes.
Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.
Enjoy peace of mind on every device you use with Norton Security Premium.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.