The world's poorest rely on mobile phones – but they could be most vulnerable to hacks

Research shows that phones in developing countries lack important updates which would protect them from security breaches. 

NS

Sign Up

Get the New Statesman's Morning Call email.

Perhaps the most ignorant, point-scoring criticism of refugees during this summer’s crisis was that they had mobile phones. “Poverty stricken Syrian migrant takes selfie with her $600 smartphone”, one Twitter user commented above a photo of a woman holding her phone – ignoring, of course, the fact that Syria’s poverty is largely down to its recent conflict (the World Bank ranks it as a “lower middle income” country), and there are 87 mobile phones in Syria per 100 people.  

Of course, even without these factors, it would have been a naïve thing to say. Evidence shows that even in the poorest countries, people own mobile phones above all kinds of other amenities. While phones are expensive, they're also incredibly useful for everything from organising a small business to keeping in touch with family. This is especially true in areas where landlines still haven’t penetrated – mobiles are allowing individuals to leapfrog their government's slow uptake on telecommunications infrastructure. According to the Pew Research Centre, 8 per cent of Ghanaian people said they owned a mobile in 2002. At the end of 2014, that figure stood at 83 per cent, compared to 89 per cent of US adults.

So in a sense, mobile phones are a democratising force – but that doesn't mean they don't tie into poverty in more abstract ways. A study carried out by a Cambridge research group investigating vulnerabilities on Android phones showed the two devices most likely be vulnerable to malware or hackers, Symphony and walton, are both cheaper models used in the developing world. Symphony received a score of 0.412 out of ten for security, walton a score of 0.272, and LG phones received a score of 4.23 .

So how did this gap in security come about?

I spoke to Daniel Thomas, a researcher on the Android Vulnerabilities project. The metric quoted above is based on how many users had installed updates and patches – so users of Symphony and walton were, on average, much further behind on updates and patches than, say, LG users. Phone software companies tend to release these updates when they identify vulnerabilities in earlier versions, so a non-updated phone is far less secure than an updated one. 

Thomas says the lack of updates isn't really to do with the models themselves, or even technical literacy – after all, to install an update you just click “install” when a pop-up prompts you to do so – but other factors, like the price of mobile data. “An update could be over a gigabyte, and if you have to download that over cellular data and you're paying by megabyte, then that could be a substantial financial disincentive to do so,” he says.

Phone users in these areas may already be paying extortionate amounts just to charge their phones – they may well want to avoid paying for WiFi or data to install updates.

Then there's storage. Users in these countries typically have “feature phones”, rather than smartphones, which tend to have less storage, so new updates may not even fit on the devices. In Uganda, 65 per cent of the population had a mobile phone by spring 2014, but only 5 per cent had a smartphone. 

However, indirectly, these factors mean phones owned by people in poverty-stricken areas are more vulnerable to malware and hacking. Thomas says he hasn’t seen evidence that malware is particularly rife in these countries yet, but another technological trend could exacerbate this problem hugely: mobile payments. These have taken off rapidly in Africa particularly, for the same reason mobile phones have – because more old-school finance infrastructure isn't in place yet. But if these payments are carried out on insecure phones they could create their own host of problems.

As Thomas says, the lurking problem of data security could perpetuate existing inequalities: "It means that these people, who are already poor, are now at much greater risk of other problems. It's a classic poverty cycle”.

The Android Vulnerabilities team stumbled upon this effect mostly by chance, and there still isn't much research into phone security disparities in different parts of the world. Logically, though, it makes sense: our smartphone usage is built around societies where we treat electricity and WiFi like water. In areas where you must pay-as-you-go for both – and usually water, too – users’ security is under threat.

Barbara Speed is comment editor at the i, and was technology and digital culture writer at the New Statesman, and a staff writer at CityMetric.