If your worried about your phone tracking you can just get a faraday bag for it. You will be limited to listening to messagess and making out going calls but it will limit tracking. For me I can't think of a phone call that I would not be ok with being broadcast over a PA system. The constant tracking is a bit more problematic but I guess you take the measures you fell necessary to maintain the desired level of privacy.. As far as banking on your phone I rarely do that unless I really have to. I use the same security measures I would as using online banking from home. Highly recommend you use two factor authentication for everything. Online services are not the problem. Its people security hygiene.....
2 factor authentication is a joke. It relies on you having your phone around and that is not always possible. Not to mention it relies on google accounts not being hacked. Which we all know never happens. 2FA is problematic for most people and is something that will actually make things less secure.
this is a copy of an article, sorry I was unable to do the url on it as it requires sign in to view.
The Illusion of Security: Why Two-Factor Authentication Falls Short in Ensuring Privacy
Introduction:
In the digital age, privacy concerns have become increasingly prominent. With hackers constantly devising new ways to infiltrate personal information, users are urged to adopt security measures for their online accounts. One such widely recommended practice is two-factor authentication (2FA), which adds an extra layer of security on top of traditional passwords. However, despite its widespread use, 2FA is not as secure as it appears. In this article, we will explore why two-factor authentication is not foolproof in safeguarding our online privacy.
1. The Weakness of Mobile Devices:
While 2FA primarily relies on using mobile devices to generate unique codes, these devices themselves can be vulnerable. Malware and other forms of attacks can compromise the security of mobile phones, giving hackers access to the 2FA codes and undermining the entire process. Moreover, if a user's mobile device is lost or stolen, the attacker may easily bypass 2FA by gaining control over the device.
2. SMS Vulnerabilities:
One common method of 2FA involves receiving codes through SMS messages. However, these messages can also be intercepted or exploited through SIM swapping, where a hacker convinces a mobile carrier to redirect messages to a SIM card under their control. By obtaining the 2FA codes, attackers can easily bypass this security measure. Furthermore, SMS can be intercepted and read by malware or rogue applications installed on a user's device.
3. Phishing Attacks and Social Engineering:
While 2FA adds an extra layer of security, it can still be circumvented by clever phishing techniques or social engineering. Hackers use sophisticated methods to deceive users into revealing their credentials or providing the second factor, rendering the whole purpose of 2FA futile. By impersonating trusted entities, attackers can trick users into disclosing sensitive information or granting access to their accounts.
4. Authentication Apps at Risk:
Authentication apps, such as Google Authenticator or Authy, offer an alternative to SMS-based 2FA. However, these apps are not immune to risks. If a user's device is compromised or infected with malware, attackers can access the authentication app and extract the necessary codes. Additionally, users who don't sufficiently protect their devices or back up their app data may lose access to their codes, locking themselves out of their accounts.
5. Inconvenience Breeds Compromise:
One aspect often overlooked is how inconveniences associated with 2FA may lead users to compromise their security. Frustration can push individuals to disable 2FA, use easily guessable codes, or even write down sensitive information in insecure locations. The inconvenience of constantly entering additional codes may result in users opting for less secure practices in the name of convenience.
Conclusion:
While two-factor authentication is commonly touted as a robust security measure, it is not foolproof in protecting online privacy. Mobile device vulnerabilities, SMS exploits, phishing attacks, social engineering, and even user inconvenience create ample opportunities for hackers to bypass this security layer. It is important for users and service providers to remain aware of these limitations and explore additional security measures to strengthen online privacy. Ultimately, maintaining a proactive approach to personal cybersecurity is crucial in an ever-evolving digital landscape.