Support 100 years of independent journalism.

  1. Science & Tech
10 November 2015updated 01 Jul 2021 1:31pm

The world’s poorest rely on mobile phones – but they could be most vulnerable to hacks

Research shows that phones in developing countries lack important updates which would protect them from security breaches. 

By Barbara Speed

Perhaps the most ignorant, point-scoring criticism of refugees during this summer’s crisis was that they had mobile phones. “Poverty stricken Syrian migrant takes selfie with her $600 smartphone”, one Twitter user commented above a photo of a woman holding her phone – ignoring, of course, the fact that Syria’s poverty is largely down to its recent conflict (the World Bank ranks it as a “lower middle income” country), and there are 87 mobile phones in Syria per 100 people.  

Of course, even without these factors, it would have been a naïve thing to say. Evidence shows that even in the poorest countries, people own mobile phones above all kinds of other amenities. While phones are expensive, they’re also incredibly useful for everything from organising a small business to keeping in touch with family. This is especially true in areas where landlines still haven’t penetrated – mobiles are allowing individuals to leapfrog their government’s slow uptake on telecommunications infrastructure. According to the Pew Research Centre, 8 per cent of Ghanaian people said they owned a mobile in 2002. At the end of 2014, that figure stood at 83 per cent, compared to 89 per cent of US adults.

So in a sense, mobile phones are a democratising force – but that doesn’t mean they don’t tie into poverty in more abstract ways. A study carried out by a Cambridge research group investigating vulnerabilities on Android phones showed the two devices most likely be vulnerable to malware or hackers, Symphony and walton, are both cheaper models used in the developing world. Symphony received a score of 0.412 out of ten for security, walton a score of 0.272, and LG phones received a score of 4.23 .

So how did this gap in security come about?

I spoke to Daniel Thomas, a researcher on the Android Vulnerabilities project. The metric quoted above is based on how many users had installed updates and patches – so users of Symphony and walton were, on average, much further behind on updates and patches than, say, LG users. Phone software companies tend to release these updates when they identify vulnerabilities in earlier versions, so a non-updated phone is far less secure than an updated one. 

Sign up for The New Statesman’s newsletters Tick the boxes of the newsletters you would like to receive. Quick and essential guide to domestic and global politics from the New Statesman's politics team. The New Statesman’s global affairs newsletter, every Monday and Friday. The best of the New Statesman, delivered to your inbox every weekday morning. The New Statesman’s weekly environment email on the politics, business and culture of the climate and nature crises - in your inbox every Thursday. A handy, three-minute glance at the week ahead in companies, markets, regulation and investment, landing in your inbox every Monday morning. Our weekly culture newsletter – from books and art to pop culture and memes – sent every Friday. A weekly round-up of some of the best articles featured in the most recent issue of the New Statesman, sent each Saturday. A newsletter showcasing the finest writing from the ideas section and the NS archive, covering political ideas, philosophy, criticism and intellectual history - sent every Wednesday. Sign up to receive information regarding NS events, subscription offers & product updates.

Thomas says the lack of updates isn’t really to do with the models themselves, or even technical literacy – after all, to install an update you just click “install” when a pop-up prompts you to do so – but other factors, like the price of mobile data. “An update could be over a gigabyte, and if you have to download that over cellular data and you’re paying by megabyte, then that could be a substantial financial disincentive to do so,” he says.

Phone users in these areas may already be paying extortionate amounts just to charge their phones – they may well want to avoid paying for WiFi or data to install updates.

Content from our partners
How do we secure the hybrid office?
How materials innovation can help achieve net zero and level-up the UK
Fantastic mental well-being strategies and where to find them

Then there’s storage. Users in these countries typically have “feature phones”, rather than smartphones, which tend to have less storage, so new updates may not even fit on the devices. In Uganda, 65 per cent of the population had a mobile phone by spring 2014, but only 5 per cent had a smartphone. 

However, indirectly, these factors mean phones owned by people in poverty-stricken areas are more vulnerable to malware and hacking. Thomas says he hasn’t seen evidence that malware is particularly rife in these countries yet, but another technological trend could exacerbate this problem hugely: mobile payments. These have taken off rapidly in Africa particularly, for the same reason mobile phones have – because more old-school finance infrastructure isn’t in place yet. But if these payments are carried out on insecure phones they could create their own host of problems.

As Thomas says, the lurking problem of data security could perpetuate existing inequalities: “It means that these people, who are already poor, are now at much greater risk of other problems. It’s a classic poverty cycle”.

The Android Vulnerabilities team stumbled upon this effect mostly by chance, and there still isn’t much research into phone security disparities in different parts of the world. Logically, though, it makes sense: our smartphone usage is built around societies where we treat electricity and WiFi like water. In areas where you must pay-as-you-go for both – and usually water, too – users’ security is under threat.

Topics in this article: