Can a mobile phone battery track you?
Written by a NortonLifeLock employee
With this little known exploit, a mobile phone’s battery life can actually be used to track online behavior. Security researchers have found that the battery status API of mobile devices can be used to track people online. In some instances, this can be used to upsell services purchased through a mobile app, ride sharing “surge pricing” for example. How else can this be used? Here’s what you need to know about the privacy and security issues raised.
Help protect your digital life on your devices.
Are you afraid of losing your personal information or all the precious things on your computer? Get comprehensive protection with Norton Security Deluxe across all your devices – up to 3 PCs, Macs, smartphones or tablets.
Create an account today and try it free for 30 days on up to 3 of your devices.
What is the Battery Status API
The Battery Status API was introduced in HTML5, and this was intended to give site owners information so that a version of websites designed for users on low power devices could be served. This API “allows site owners to see the percentage of battery life left in a device, as well as the time it will take to discharge or the time it will take to charge, if connected to a power source” according to a news report on the research.
This is all seemingly harmless information. But as the security researchers pointed out, the combination of battery life as a percentage and battery life in seconds creates a pseudo identifier for each mobile device. That is, if the device can be identified from one out of 14 million possible combinations.
An Ad Blocker or a VPN cannot prevent someone from taking advantage of the battery status API to identify you and track the sites you visit. However, there is some degree of safety in numbers -- you’re one of 14 million possible computers.
It isn’t precisely known if website owners, whether an advertiser or company, are actively using or tracking information from the battery status API. As the story develops, privacy or security implications can be better known. Want to learn more about protecting your mobile privacy and security? Read on for a few best practices.
Mobile Security Best Practices
- Download apps from official app stores.
Third-party app stores may not put apps through the same rigor as official app stores such as the Google Play Store or Apple’s App Store.
- Avoid connecting to public wi-fi from your mobile.
An unsecure Wi-Fi hotspot could put your mobile data at risk.
- Check an application’s settings before you download.
Beware of apps that ask you to disable settings that can make your device security vulnerable or allows access to data on your phone’s memory that can compromise your privacy.
- Use a reputable mobile security app.
Norton Mobile Security scans apps before you download using App Advisor (powered by Norton Mobile Insight) which automatically lets you know about malware, privacy and other risks. This proactive protection also includes lost or stolen device recovery that set off an alarm to find it fast, or see the location of your missing phone or tablet on a map.
Safety for every device.
Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.