Customers are hanging onto their phones longer than ever, with the average consumer now waiting about 3 years before trading in their phones. What this means is that when a user finally does trade in their phone, it's hard drive potentially contains more information than ever – information that could be used to steal customer identities or commit other data crimes. Smartphone trade-ins might be a valuable source of revenue, but how can carrier, retailers and OEMs protect customer privacy?
A Lot of Data Gets Left on Old Phones
Smartphone manufacturers, vendors, and carriers sometimes ask users to factory reset their phones before trading them in. If this isn’t performed at point of sale, it will be performed by a trade-in partner later on. This avoids liability that may come from selling a phone with embarrassing or incriminating information on it.
Unfortunately, the “factory reset” process isn’t that secure. You’d think that a factory setting which is supposed to delete all the files and data off your phone would actually, you know, delete all files and data off your phone. Instead, all that happens is that the reference pointers that connect your operating system to your files and data get deleted. The data is still there, and it remains there until it gets overwritten with something else.
Just as an example, the security company Avast performed an experiment in 2017 where they purchased 20 factory-reset phones and then set their data-recovery experts to work. They found over 40,000 photos that remained on the devices, including 1,000 photos of a rather sensitive and personal nature. They also found loan applications, emails and text messages, and enough information to potentially steal owners’ identities.
Is There a Safe Way to Wipe a Phone?
As a carrier, retailer or OEM, this is an opportunity to educate your customers on the pitfalls of trying to resell their phones themselves versus trading in their phones.
Customers may not know that factory resets don’t completely clear data from their phones. However, when your trade-in partner is R2 Certified, you can provide your customers with reassurance that once you take a phone off their hands, there is a secure chain of custody and phones are completely wiped of personal data.
The R2 standard – which stands for Responsible Recycling—is serious business. Companies pass multiple audits which ensure that every phase of the supply chain is documented and held in accordance with best practices related to both security and the environment.
Data Security Goes Above and Beyond with HYLA Mobile
At HYLA Mobile, we provide an R2-certified program that securely wipes customer phones in a way that goes above and beyond the factory reset process. All the customer has to do is remove the password from their device and hand it over – we do the rest. Our process involves re-flashing the mobile device with a new operating system. Unlike a simple factory reset, this process overwrites old data, making it impossible to recover.
Here, we specialize in creating secure supply chains for previously owned smartphones while maximizing value for resellers. We make sure that all phones are securely wiped before they’re sold, and that no third parties are able to tamper with the phones before or after they are resold. For more information on ensuring your customers’ data security with trade-in, contact HYLA today!