Security Settings You Need To Turn On To Avoid A Google Pixel Hack
In recent years, as the smartphone market has matured, manufacturers and ethical hacking groups have both cast their eyes to security more than ever before. Google's Pixel devices feature a number of features designed to keep the data on your device safe from malicious actors. Google's Titan M2 chip, for example, is a co-processor included in the Pixel 6 and Pixel 7 families, serving as a secure environment to store cryptographic keys. Another step Google has taken to make all Android devices more secure is encrypting the operating system by default on every Android device running Android 6.0 and up.
The most important thing you can do for your device's security is to enable some sort of lock screen access prevention. Device encryption doesn't mean anything if an attacker with physical access to your device can unlock it with the swipe of a finger. Whether you use a PIN, pattern, password, or biometric unlock, it's important to have some form of access prevention to maintain the integrity of the encryption.
Unfortunately, there have been a number of vulnerabilities discovered in Google's Pixel devices recently, from the Google Pixel 6a's fingerprint scanner bug that allowed unknown fingerprints to access the device to the far more insidious Exynos vulnerability that attackers could use to inject malware into affected devices' via Wi-Fi and VoLTE calling hardware. While Google has since patched these issues via updates, there are still a few more things you can do to make your device safer.
Restrict app permissions
One of the main attractions for Android users is the level of control it gives them over their devices. App permissions control which apps can access which features and hardware and when they can access it. Generally speaking, you're likely to encounter an app asking you for permissions to access your camera, local files and images, location, and microphone, but there are a number of additional permissions you might get prompted for, including things like NFC sensors and being able to run in the background.
As a general rule of thumb, it's best to only allow apps to access the bare minimum. This helps limit data collection and unnecessary device access by overreaching apps. Some permissions allow for more granular control over access. Location permissions, for example, allow you to decide whether you want the app to have access to accurate or approximate data and allow you to enable location access when the app is in the foreground only.
One thing you can do to improve your device security is to allow Android to remove app permissions when the app is not used. The option you need to enable in Settings is "Pause app activity if unused," and you can find it under "Unused app settings," in the "Apps" settings page.
Enable Google Play Protect to sniff out malicious apps
Over the years, there have been plenty of instances of malicious apps being kicked off of the Google Play Store for containing malicious code or committing ad fraud. While these apps are usually removed as soon as they're caught, some might slip by. The problem comes in when an app slips by and remains installed on devices by unwitting users who didn't realize there was any danger. Google Play Protect aims to solve this problem by keeping an eye on the apps installed on your device and warning you to remove them when harmful behavior is detected.
The types of things Google Play Protect looks for include privacy issues, like apps that don't accurately disclose what they're doing with your data, apps that are misleading about their functions, and apps that alter your phone's system in unexpected ways. Google Play Protect should be enabled by default, but you can and should check that it is if you're at all concerned about security. You can find Google Play Protect by opening the Play Store, tapping your profile picture in the top left, and opening Settings. In Settings, you will see an option titled Scan apps with Play Protect. Tap that to enable or disable Play Protect.
Use the built-in Google One VPN
Google's Pixel smartphones have always had access to exclusive software features and benefits that don't necessarily make it to other smartphones. The Google One VPN is one such feature, freely available to owners of the Pixel 7 and Pixel 7 Pro, but locked behind a $1.99 monthly Google One Basic subscription for everyone else.
VPN by Google One, like most other VPNs, helps secure your network traffic by encrypting it and sending it through Google's secure server. It also hides your IP address and helps prevent cross-site tracking. All this adds up to a more secure connection and will prevent any malicious forces from spying on the content you're sending and receiving on less secure networks, like those used by your local coffee shop.
If you're the owner of a Pixel 7 or Pixel 7 Pro and you live in one of the eligible countries, you can enable VPN by Google One by downloading the Google One app from the Play Store if you don't already have it installed. After installation, simply open the Google One app, open the "Benefits" tab, tap on "Enable VPN," and enable the VPN with the toggle on the following page.