Claim ID: 00010

The following claim is often repeated as an advice to users:

If the data is encrypted, malware won’t be able to steal it

The claim is considered: FALSE

Why is it false?

Every modern mobile operating system encrypts the user data by default¹². It’s done to make sure that when your device is stolen or lost the data stored on it cannot be easily read. However, malware runs as a process on the operating system and, depending on granted permissions, will have access to the files in the same way as any other application does. This means that, provided it has appropriate permissions, malware can e.g. access your photos even though they are stored encrypted. However, encryption would prevent a thief from accessing the photos if your phone gets stolen and it’s locked.

Modern mobile operating systems provide sandboxing of applications³⁴. Sandboxing prevents one application from accessing files that belong to another application unless they both agree to share the files. This means that malware, even if it gets installed, will not have access to e.g. the full message history in your instant messaging application or the full browsing history kept in your browser.

Full device encryption on modern mobile operating systems is a very important security feature, but it does not impact malware’s ability to steal the data. This is achieved using sandboxing and the permission model.

Statement sources

The websites below repeat the claim. This is not a full list of websites.

• 5 Ways Your Mobile Device Can Get Malware
• Tips to Prevent Android Malware

Campaigns

No misinfomartion campaigns have used this claim.

Footnotes

1. Encryption, Android Open Source Project ↩

2. Encryption and Data Protection overview, Apple ↩

3. Security of runtime process in iOS and iPadOS ↩

4. Application Sandbox, Android Open Source Project ↩