Below you’ll find 7 things that you have to be careful about, especially when traveling.
#1 Charging your smartphone in public places
Many airports and other public places offer cables or USB ports for charging your phone. What many people are not aware of, is that connecting your smartphone to a public USB port or cable can actually pose quite some security risk to your phone. Third parties could potentially get access to your phone. Of course, in large airports, it is not very likely, that your phone will be compromised when charging it. However, protecting your smartphone is relatively easy, so it’s absolutely worth it. There are three things you can do to protect your device:
- Use your own USB adapter: you may use your own USB adapter and plug it into an electrical outlet. Then you’re safe, and nothing can happen to your data.
- Use a USB data blocker: These are small intermediate USB devices that block the data stream between a public USB-plug and your device. Only the electrical current needed to charge your phone can pass through this blocker, while any data stream is blocked and access to your device is physically not possible.
Use induction to charge your phone: If your phone allows you to charge it with induction, like for example the iPhone X, then you could make use of this wherever they offer it in public places. When charging your phone like this, it is safe.
#2 RFID scanner
Even if you don’t carry a credit card with an RFID chip, many new passports do have such a chip. Depending on the issuing country different things can be stored on the chip. While for US passports no personal information is stored on the chip, European passports usually store a copy of your picture and your fingerprints on the RFID chip.
With RFID readers (including a broad range of Android devices) it is easily possible to capture this data from your passport. To prevent this from happening, we suggest buying an RFID-proof cover to protect your passport.
# 3 Don’t use touch ID
In some places, your fingerprint is not considered to be a password. While a customs agent might then be able to force you to unlock your smartphone with your fingerprint, the agent wouldn’t be able to force you to hand over your password. Not using your fingerprint to unlock your device, when you cross a border is thus a good idea.
It is noteworthy that in many places the border agent may also be entitled to force you to hand over your passwords. In other places, customs agents might not be allowed to do so, but then if you don’t co-operate they might refuse entry. However, I’ll go into more detail on this later.
# 4 Use full disk encryption on all your devices
Encrypt the hard disks of all your devices and turn them off, when you’re crossing a border. If the devices are fully encrypted, it is not possible for anybody to access your data without the decryption keys.
Luckily, iOS devices are always fully encrypted. To encrypt your Mac machine, you can use the built-in FileVault. If you’re a Windows user, you can use BitLocker to enable full disk encryption of your hard drive. For Android devices, encryption capability is built-in but usually needs to be turned on separately.
# 5 Beware of public Wi-Fi
Public Wi-Fi’s are notoriously unsafe and a significant security risk. Especially in airports, with lots of people on business trips, eavesdropping and man-in-the-middleattacks on public Wi-Fi’s are frequent. Things like your passwords and credit card details can be captured and abused.
Protection on public Wi-Fi’s is readily available with a VPN. A VPN encrypts your entire traffic between your device and the VPN server. Thus it is not possible to intercept your communication, and your passwords and your credit card are always safe.
# 6 Consider moving data temporarily to the cloud
If you expect third-party access to your device, sensitive data like your passwords in a password manager should be protected well. In this case, it might make sense to temporarily delete such sensitive data like key databases from your device and store them in a trustworthy cloud. Cleaning your device before traveling and moving any unnecessary chunk to a computer or – in an encrypted state – to a trustworthy cloud can also make your device look less suspicious.
# 7 Co-operate
Once custom agents seize you, it is essential to be polite and honest. If you can’t afford to be refused entry, you will likely have to co-operate and hand over your passwords. Don’t try to trick the agents with hidden volumes or anything alike.
A possibility to comply with the requirements of handing over passwords while still protecting your data is to set up two-factor authentication for which you do not bring the second factor. Just bear in mind, that you will not have access either without the second factor. 😉